
Commit 08bf4d7

committed
Check for failure of malloc() and realloc() when allocating space for
VFD entries. On platforms where dereferencing a null pointer doesn't lead to coredump, it's possible that this omission could have led to unpleasant behavior like deleting the wrong file.
1 parent 6cc6f18 commit 08bf4d7


1 file changed

+16
-7
lines changed

1 file changed

+16
-7
lines changed

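--- a/src/backend/storage/file/fd.c
+++ b/src/backend/storage/file/fd.c
@@ -7,7 +7,7 @@
 * Portions Copyright (c) 1994, Regents of the University of California
 *
 * IDENTIFICATION
-* $Header: /cvsroot/pgsql/src/backend/storage/file/fd.c,v 1.75 2001/04/03 02:31:52 tgl Exp $
+* $Header: /cvsroot/pgsql/src/backend/storage/file/fd.c,v 1.76 2001/04/03 04:07:02 tgl Exp $
 *
 * NOTES:
 *
@@ -484,7 +484,8 @@ AllocateVfd(void)
 {
 /* initialize header entry first time through */
 VfdCache = (Vfd *) malloc(sizeof(Vfd));
-Assert(VfdCache != NULL);
+if (VfdCache == NULL)
+elog(FATAL, "AllocateVfd: no room for VFD array");
 MemSet((char *) &(VfdCache[0]), 0, sizeof(Vfd));
 VfdCache->fd = VFD_CLOSED;
 
@@ -506,17 +507,23 @@ AllocateVfd(void)
 * However, there's not much point in starting *real* small.
 */
 Size newCacheSize = SizeVfdCache * 2;
+Vfd *newVfdCache;
 
 if (newCacheSize < 32)
 newCacheSize = 32;
 
-VfdCache = (Vfd *) realloc(VfdCache, sizeof(Vfd) * newCacheSize);
-Assert(VfdCache != NULL);
+/*
+* Be careful not to clobber VfdCache ptr if realloc fails;
+* we will need it during proc_exit cleanup!
+*/
+newVfdCache = (Vfd *) realloc(VfdCache, sizeof(Vfd) * newCacheSize);
+if (newVfdCache == NULL)
+elog(FATAL, "AllocateVfd: no room to enlarge VFD array");
+VfdCache = newVfdCache;
 
 /*
 * Initialize the new entries and link them into the free list.
 */
-
 for (i = SizeVfdCache; i < newCacheSize; i++)
 {
 MemSet((char *) &(VfdCache[i]), 0, sizeof(Vfd));
@@ -529,7 +536,6 @@ AllocateVfd(void)
 /*
 * Record the new size
 */
-
 SizeVfdCache = newCacheSize;
 }
 
@@ -553,6 +559,7 @@ FreeVfd(File file)
 free(vfdP->fileName);
 vfdP->fileName = NULL;
 }
+vfdP->fdstate = 0x0;
 
 vfdP->nextFree = VfdCache[0].nextFree;
 VfdCache[0].nextFree = file;
@@ -678,7 +685,9 @@ fileNameOpenFile(FileName fileName,
 
 Insert(file);
 
-vfdP->fileName = malloc(strlen(fileName) + 1);
+vfdP->fileName = (char *) malloc(strlen(fileName) + 1);
+if (vfdP->fileName == NULL)
+elog(FATAL, "fileNameOpenFile: no room to save VFD filename");
 strcpy(vfdP->fileName, fileName);
 
 /* Saved flags are adjusted to be OK for re-opening file */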
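Review bot: In the fileNameOpenFile hunk the name copy is allocated after `Insert(file)`, so when this malloc fails the `elog(FATAL, ...)` exit runs with an entry that is already linked into the cache but still has `fileName == NULL`. The comment added in AllocateVfd says the cache is needed during proc_exit cleanup, so that cleanup has to tolerate such a half-initialised entry; the added `vfdP->fdstate = 0x0;` in FreeVfd looks like it is there so a recycled slot does not carry old state flags into that path, but neither line says so. I would either make the copy before the entry is inserted, or document the invariant, e.g. `/* on failure fileName stays NULL; exit-time cleanup must not use it */` here and `/* clear stale flags so a reused slot starts clean */` in FreeVfd. The function body starts and ends outside the hunk, so where fdstate is assigned for the new entry is not visible from here.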
