Re: Missing NULL check after calling ecpg_strdup
Michael Paquier <michael@paquier.xyz>
From: Michael Paquier <michael@paquier.xyz>
To: Aleksander Alekseev <aleksander@tigerdata.com>
Cc: pgsql-hackers@lists.postgresql.org, Evgeniy Gorbanev <gorbanyoves@basealt.ru>
Date: 2025-07-12T03:23:07Z
Lists: pgsql-hackers
On Fri, Jul 11, 2025 at 07:22:36PM +0300, Aleksander Alekseev wrote: > The patch looks correct, but I believe it's incomplete. It misses > several other places where ecpg_strdup() is called without proper > checks. A correct patch would look like the one attached. > > While working on it I noticed a potentially problematic strcmp call, > marked with XXX in the patch. I didn't address this issue in v2. > > Thoughts? The semantics that I'm finding really annoying is the fact that ecpg_strdup() is OK to assume that a NULL input is valid to handle, so there is no way to make the difference between what should be an actual error and what should be valid, leading to more confusion because "realname" can be NULL. Should we actually check sqlca_t more seriously if failing one of the strdup calls used for the port, host, etc. when attempting the connection? The ecpg_log() assumes that a NULL value equals a <DEFAULT>, which would be wrong if we failed one of these allocations on OOM. -- Michael
Commits
-
ecpg: Improve error detection around ecpg_strdup()
- a6eabec6808c 19 (unreleased) landed
-
ecpg: Fix NULL pointer dereference during connection lookup
- c934d5673894 13.22 landed
- 408fe659a890 14.19 landed
- 0123922f82d2 15.14 landed
- 313d3102facd 16.10 landed
- 2805e1c1edd5 17.6 landed
- 0ded7615d8ca 18.0 landed
- 1b8bbee05d70 19 (unreleased) landed