Re: COPY FROM ON_ERROR SET_NULL bypasses domain NOT NULL with partial column list
Chao Li <li.evan.chao@gmail.com>
From: Chao Li <li.evan.chao@gmail.com>
To: Fujii Masao <masao.fujii@gmail.com>
Cc: jian he <jian.universality@gmail.com>,
SATYANARAYANA NARLAPURAM <satyanarlapuram@gmail.com>,
PostgreSQL Hackers <pgsql-hackers@lists.postgresql.org>
Date: 2026-05-18T22:27:54Z
Lists: pgsql-hackers
> On May 18, 2026, at 21:22, Fujii Masao <masao.fujii@gmail.com> wrote: > > On Fri, Apr 17, 2026 at 12:59 PM jian he <jian.universality@gmail.com> wrote: >> >> On Fri, Apr 17, 2026 at 1:09 AM SATYANARAYANA NARLAPURAM >> <satyanarlapuram@gmail.com> wrote: >>> >>> HI hackers, >>> >>> domain_with_constraint[] was allocated with list_length(attnumlist) >>> elements and indexed sequentially via foreach_current_index(), but >>> copyfromparse.c accesses it via attnum - 1 (physical attribute index). >>> With a partial column list targeting high-numbered columns, this caused >>> an out-of-bounds read that bypassed domain NOT NULL checks, silently >>> inserting NULL into NOT NULL domain columns. >>> >>> Fix by allocating with num_phys_attrs and indexing by attnum - 1, >>> consistent with all other per-column arrays in BeginCopyFrom(). >>> >>> Patch is attached, and added a new test case to cover this scenario. >>> >> >> The patch looks good to me. >> I simplified the tests. > > The patch looks good to me. Barring any objections, I will commit it. > > Regards, > > -- > Fujii Masao I also found this bug and reported it here [1]. I just reviewed v2, the code change of the fix itself is exactly the same as my version in [1]. The new test is slightly different from my version, but I think that also works. [1] https://www.postgresql.org/message-id/8A72720A-55AC-4D41-B9DF-5610307600E6%40gmail.com Best regards, -- Chao Li (Evan) HighGo Software Co., Ltd. https://www.highgo.com/