authorDaniel Gustafsson2025-03-27 21:57:34 +0000
committerDaniel Gustafsson2025-03-27 21:57:34 +0000
commit058b5152f02ef86c98a795c14dbd6a8e195f4fd1 (patch)
treed6108de3269154c0a03cb696d64f5ef04f0f07d1 /src/backend/commands
parent043799fa08c2c71f35816ca067951266d2e9ebe0 (diff)
Fix guc_malloc calls for consistency and OOM checks
check_createrole_self_grant and check_synchronized_standby_slots were allocating memory on a LOG elevel without checking if the allocation succeeded or not, which would have led to a segfault on allocation failure. On top of that, a number of callsites were using the ERROR level, relying on erroring out rather than returning false to allow the GUC machinery to handle it gracefully. Other callsites used WARNING instead of LOG. While neither is wrong, this changes all check_ functions to do it consistently with LOG. init_custom_variable gets a promoted elevel to FATAL to keep the guc_malloc error handling in line with the rest of the error handling in that function, which already calls FATAL. If we encounter an OOM in this callsite there is no graceful handling to be had, better to error out hard. Backpatch the fix to check_createrole_self_grant down to v16 and the fix to check_synchronized_standby_slots down to v17 where they were introduced. Author: Daniel Gustafsson <[email protected]> Reported-by: Nikita <[email protected]> Reviewed-by: Tom Lane <[email protected]> Bug: #18845 Discussion: https://postgr.es/m/[email protected] Backpatch-through: 16
Diffstat (limited to 'src/backend/commands')
-rw-r--r--src/backend/commands/user.c2
-rw-r--r--src/backend/commands/variable.c4
2 files changed, 4 insertions, 2 deletions
diff --git a/src/backend/commands/user.c b/src/backend/commands/user.c
index 8ae510c623b..0d638e29d00 100644
--- a/src/backend/commands/user.c
+++ b/src/backend/commands/user.c
@@ -2566,6 +2566,8 @@ check_createrole_self_grant(char **newval, void **extra, GucSource source)
list_free(elemlist);
result = (unsigned *) guc_malloc(LOG, sizeof(unsigned));
+ if (!result)
+ return false;
*result = options;
*extra = result;
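Review bot: The added `if (!result) return false;` has no comment saying why a NULL return is possible here, which is the whole reason for the fix. With elevel LOG, guc_malloc reports the failure and returns NULL instead of raising, so without the check the following `*result = options;` dereferences NULL on allocation failure. A one-line comment above the check, e.g. `/* guc_malloc(LOG) returns NULL on OOM; let the GUC machinery reject the value */`, would keep a later cleanup from dropping it as dead code. The body of check_createrole_self_grant begins and ends outside this hunk.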
diff --git a/src/backend/commands/variable.c b/src/backend/commands/variable.c
index f550a3c0c63..84f044a1959 100644
--- a/src/backend/commands/variable.c
+++ b/src/backend/commands/variable.c
@@ -1087,7 +1087,7 @@ check_application_name(char **newval, void **extra, GucSource source)
if (!clean)
return false;
- ret = guc_strdup(WARNING, clean);
+ ret = guc_strdup(LOG, clean);
if (!ret)
{
pfree(clean);
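Review bot: The switch to `guc_strdup(LOG, clean)` leaves the elevel choice unexplained at the call site, both here and in the identical check_cluster_name hunk that follows. A short comment such as `/* LOG, so OOM is reported by returning false like the other check hooks */` would record the convention the commit message establishes and make a stray ERROR or WARNING easier to spot in review. It is also worth confirming the effect on clients: under default settings LOG output presumably goes only to the server log, so a session whose SET fails on OOM would no longer see the out-of-memory cause that WARNING delivered. Both functions continue outside their hunks.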
@@ -1125,7 +1125,7 @@ check_cluster_name(char **newval, void **extra, GucSource source)
if (!clean)
return false;
- ret = guc_strdup(WARNING, clean);
+ ret = guc_strdup(LOG, clean);
if (!ret)
{
pfree(clean);