Thread
Commits
Same data as JSON:
GET /api/v1/messages/:b64id/commits
the thread's linked commits as JSON, with link sources.
API reference →
-
Add more tests for corrupted data with pglz_decompress()
- 5c00f4e2e3bc 14 (unreleased) landed
- f4ba78081895 15 (unreleased) landed
- 5f12d86dd762 16 (unreleased) landed
- 54eeefaedbee 17 (unreleased) landed
- 89192080f0a9 18 (unreleased) landed
- 900c07b854a7 19 (unreleased) landed
-
Plug-in coverage hole for pglz_decompress()
Michael Paquier <michael@paquier.xyz> — 2026-05-11T06:35:50Z
Hi all, (Andrew in CC, in case.) While doing a post-commit review of 67d318e70402, I have noticed the following coverage hole in pglz_decompress(), where a failure of this check is not covered, see also [1]: if (unlikely(off == 0 || off > (dp - (unsigned char *) dest))) return -1; This can be triggered easily with the two following sequences in the regression tests: SELECT test_pglz_decompress('\x011001'::bytea, 1024, true); SELECT test_pglz_decompress('\x010300'::bytea, 1024, true); It's unfortunately too late for this round of minor releases, but I'd like to fix this hole once the next minor versions are tagged, down to v14. If there are any objections or comments, feel free. Mea culpa. Thanks, [1]: https://coverage.postgresql.org/src/common/pg_lzcompress.c.gcov.html -- Michael -
Re: Plug-in coverage hole for pglz_decompress()
Ayush Tiwari <ayushtiwari.slg01@gmail.com> — 2026-05-11T06:57:43Z
Hi, On Mon, 11 May 2026 at 12:06, Michael Paquier <michael@paquier.xyz> wrote: > Hi all, > (Andrew in CC, in case.) > > While doing a post-commit review of 67d318e70402, I have noticed the > following coverage hole in pglz_decompress(), where a failure of this > check is not covered, see also [1]: > if (unlikely(off == 0 || > off > (dp - (unsigned char *) dest))) > return -1; > > This can be triggered easily with the two following sequences in the > regression tests: > SELECT test_pglz_decompress('\x011001'::bytea, 1024, true); > SELECT test_pglz_decompress('\x010300'::bytea, 1024, true); > > It's unfortunately too late for this round of minor releases, but I'd > like to fix this hole once the next minor versions are tagged, down to > v14. If there are any objections or comments, feel free. Mea culpa. > > I looked at this on my current master. The patch applies cleanly and compression_pglz passes for me. The two added inputs seem to cover the intended cases: one produces an offset larger than the amount of output already written, and the other produces offset zero, so both exercise the corrupt-input guard in pglz_decompress(). Patch looks good to me. Regards, Ayush -
Re: Plug-in coverage hole for pglz_decompress()
Michael Paquier <michael@paquier.xyz> — 2026-05-13T06:19:30Z
On Mon, May 11, 2026 at 12:27:43PM +0530, Ayush Tiwari wrote: > The two added inputs seem to cover the intended cases: one produces an > offset larger than the amount of output already written, and the other > produces offset zero, so both exercise the corrupt-input guard in > pglz_decompress(). Thanks for double-checking. Done. -- Michael