Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
Skip to content

Commit 8285b48

Browse files
michaelpqmichaelpq
committed
Fix potential NULL pointer dereference in getIdentitySequence()
The function invokes SearchSysCacheAttNum() and SearchSysCacheAttName(). They may respectively return 0 for the attribute number or NULL for the attribute name if the attribute does not exist, without any kind of error handling. The common practice is to check that the data retrieved from the syscache is valid. There is no risk of NULL pointer dereferences currently, but let's stick to the practice of making sure that this data is always valid, to catch future inconsistency mistakes. The code is switched to use get_attnum() and get_attname(), and adds some error handling. Oversight in 5091995. Reported-by: Ranier Vilela Author: Ashutosh Bapat Discussion: https://postgr.es/m/CAEudQAqh_RZqoFcYKso5d9VhF-Vd64_ZodfQ_2zSusszkEmyRg@mail.gmail.com
1 parent 945ec4c commit 8285b48

File tree

1 file changed

+7
-13
lines changed

1 file changed

+7
-13
lines changed

src/backend/catalog/pg_depend.c

Lines changed: 7 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -945,7 +945,7 @@ getOwnedSequences(Oid relid)
945945
Oid
946946
getIdentitySequence(Relation rel, AttrNumber attnum, bool missing_ok)
947947
{
948-
Oid relid;
948+
Oid relid = RelationGetRelid(rel);
949949
List *seqlist;
950950

951951
/*
@@ -954,22 +954,16 @@ getIdentitySequence(Relation rel, AttrNumber attnum, bool missing_ok)
954954
*/
955955
if (RelationGetForm(rel)->relispartition)
956956
{
957-
List *ancestors =
958-
get_partition_ancestors(RelationGetRelid(rel));
959-
HeapTuple ctup = SearchSysCacheAttNum(RelationGetRelid(rel), attnum);
960-
const char *attname = NameStr(((Form_pg_attribute) GETSTRUCT(ctup))->attname);
961-
HeapTuple ptup;
957+
List *ancestors = get_partition_ancestors(relid);
958+
const char *attname = get_attname(relid, attnum, false);
962959

963960
relid = llast_oid(ancestors);
964-
ptup = SearchSysCacheAttName(relid, attname);
965-
attnum = ((Form_pg_attribute) GETSTRUCT(ptup))->attnum;
966-
967-
ReleaseSysCache(ctup);
968-
ReleaseSysCache(ptup);
961+
attnum = get_attnum(relid, attname);
962+
if (attnum == InvalidAttrNumber)
963+
elog(ERROR, "cache lookup failed for attribute \"%s\" of relation %u",
964+
attname, relid);
969965
list_free(ancestors);
970966
}
971-
else
972-
relid = RelationGetRelid(rel);
973967

974968
seqlist = getOwnedSequences_internal(relid, attnum, DEPENDENCY_INTERNAL);
975969
if (list_length(seqlist) > 1)

0 commit comments

Comments
 (0)