public inbox for [email protected]help / color / mirror / Atom feed
pgsql: hstore: Fix NULL pointer dereference with receive function 6+ messages / 1 participants [nested] [flat]
* pgsql: hstore: Fix NULL pointer dereference with receive function @ 2026-02-16 23:42 Michael Paquier <[email protected]> 0 siblings, 0 replies; 6+ messages in thread From: Michael Paquier @ 2026-02-16 23:42 UTC (permalink / raw) To: [email protected] hstore: Fix NULL pointer dereference with receive function The receive function of hstore was not able to handle correctly duplicate key values when a new duplicate links to a NULL value, where a pfree() could be attempted on a NULL pointer, crashing due to a pointer dereference. This problem would happen for a COPY BINARY, when stacking values like that: aa => 5 aa => null The second key/value pair is discarded and pfree() calls are attempted on its key and its value, leading to a pointer dereference for the value part as the value is NULL. The first key/value pair takes priority when a duplicate is found. Per offline report. Reported-by: "Anemone" <[email protected]> Reported-by: "A1ex" <[email protected]> Backpatch-through: 14 Branch ------ REL_17_STABLE Details ------- https://git.postgresql.org/pg/commitdiff/0dfbe42da7f75833e807e281332594e73451894b Modified Files -------------- contrib/hstore/hstore_io.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) ^ permalink raw reply [nested|flat] 6+ messages in thread
* pgsql: hstore: Fix NULL pointer dereference with receive function @ 2026-02-16 23:42 Michael Paquier <[email protected]> 0 siblings, 0 replies; 6+ messages in thread From: Michael Paquier @ 2026-02-16 23:42 UTC (permalink / raw) To: [email protected] hstore: Fix NULL pointer dereference with receive function The receive function of hstore was not able to handle correctly duplicate key values when a new duplicate links to a NULL value, where a pfree() could be attempted on a NULL pointer, crashing due to a pointer dereference. This problem would happen for a COPY BINARY, when stacking values like that: aa => 5 aa => null The second key/value pair is discarded and pfree() calls are attempted on its key and its value, leading to a pointer dereference for the value part as the value is NULL. The first key/value pair takes priority when a duplicate is found. Per offline report. Reported-by: "Anemone" <[email protected]> Reported-by: "A1ex" <[email protected]> Backpatch-through: 14 Branch ------ REL_14_STABLE Details ------- https://git.postgresql.org/pg/commitdiff/f604cc695cb52e2751710c890dbf10accffbd0c8 Modified Files -------------- contrib/hstore/hstore_io.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) ^ permalink raw reply [nested|flat] 6+ messages in thread
* pgsql: hstore: Fix NULL pointer dereference with receive function @ 2026-02-16 23:42 Michael Paquier <[email protected]> 0 siblings, 0 replies; 6+ messages in thread From: Michael Paquier @ 2026-02-16 23:42 UTC (permalink / raw) To: [email protected] hstore: Fix NULL pointer dereference with receive function The receive function of hstore was not able to handle correctly duplicate key values when a new duplicate links to a NULL value, where a pfree() could be attempted on a NULL pointer, crashing due to a pointer dereference. This problem would happen for a COPY BINARY, when stacking values like that: aa => 5 aa => null The second key/value pair is discarded and pfree() calls are attempted on its key and its value, leading to a pointer dereference for the value part as the value is NULL. The first key/value pair takes priority when a duplicate is found. Per offline report. Reported-by: "Anemone" <[email protected]> Reported-by: "A1ex" <[email protected]> Backpatch-through: 14 Branch ------ master Details ------- https://git.postgresql.org/pg/commitdiff/a6f823e77835a075265bc6accce0a17370ed6db5 Modified Files -------------- contrib/hstore/hstore_io.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) ^ permalink raw reply [nested|flat] 6+ messages in thread
* pgsql: hstore: Fix NULL pointer dereference with receive function @ 2026-02-16 23:42 Michael Paquier <[email protected]> 0 siblings, 0 replies; 6+ messages in thread From: Michael Paquier @ 2026-02-16 23:42 UTC (permalink / raw) To: [email protected] hstore: Fix NULL pointer dereference with receive function The receive function of hstore was not able to handle correctly duplicate key values when a new duplicate links to a NULL value, where a pfree() could be attempted on a NULL pointer, crashing due to a pointer dereference. This problem would happen for a COPY BINARY, when stacking values like that: aa => 5 aa => null The second key/value pair is discarded and pfree() calls are attempted on its key and its value, leading to a pointer dereference for the value part as the value is NULL. The first key/value pair takes priority when a duplicate is found. Per offline report. Reported-by: "Anemone" <[email protected]> Reported-by: "A1ex" <[email protected]> Backpatch-through: 14 Branch ------ REL_18_STABLE Details ------- https://git.postgresql.org/pg/commitdiff/4a0843c539018a1aad22a3ec8209b0ff1697b65d Modified Files -------------- contrib/hstore/hstore_io.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) ^ permalink raw reply [nested|flat] 6+ messages in thread
* pgsql: hstore: Fix NULL pointer dereference with receive function @ 2026-02-16 23:42 Michael Paquier <[email protected]> 0 siblings, 0 replies; 6+ messages in thread From: Michael Paquier @ 2026-02-16 23:42 UTC (permalink / raw) To: [email protected] hstore: Fix NULL pointer dereference with receive function The receive function of hstore was not able to handle correctly duplicate key values when a new duplicate links to a NULL value, where a pfree() could be attempted on a NULL pointer, crashing due to a pointer dereference. This problem would happen for a COPY BINARY, when stacking values like that: aa => 5 aa => null The second key/value pair is discarded and pfree() calls are attempted on its key and its value, leading to a pointer dereference for the value part as the value is NULL. The first key/value pair takes priority when a duplicate is found. Per offline report. Reported-by: "Anemone" <[email protected]> Reported-by: "A1ex" <[email protected]> Backpatch-through: 14 Branch ------ REL_16_STABLE Details ------- https://git.postgresql.org/pg/commitdiff/31d0b917d162b4d5401e1f0ebd27f987d44cbabf Modified Files -------------- contrib/hstore/hstore_io.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) ^ permalink raw reply [nested|flat] 6+ messages in thread
* pgsql: hstore: Fix NULL pointer dereference with receive function @ 2026-02-16 23:42 Michael Paquier <[email protected]> 0 siblings, 0 replies; 6+ messages in thread From: Michael Paquier @ 2026-02-16 23:42 UTC (permalink / raw) To: [email protected] hstore: Fix NULL pointer dereference with receive function The receive function of hstore was not able to handle correctly duplicate key values when a new duplicate links to a NULL value, where a pfree() could be attempted on a NULL pointer, crashing due to a pointer dereference. This problem would happen for a COPY BINARY, when stacking values like that: aa => 5 aa => null The second key/value pair is discarded and pfree() calls are attempted on its key and its value, leading to a pointer dereference for the value part as the value is NULL. The first key/value pair takes priority when a duplicate is found. Per offline report. Reported-by: "Anemone" <[email protected]> Reported-by: "A1ex" <[email protected]> Backpatch-through: 14 Branch ------ REL_15_STABLE Details ------- https://git.postgresql.org/pg/commitdiff/63c05e03bcc5e927a3f3f2b283af6f38b9eeb0aa Modified Files -------------- contrib/hstore/hstore_io.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) ^ permalink raw reply [nested|flat] 6+ messages in thread
end of thread, other threads:[~2026-02-16 23:42 UTC | newest] Thread overview: 6+ messages (download: mbox mbox.gz follow: Atom feed) -- links below jump to the message on this page -- 2026-02-16 23:42 pgsql: hstore: Fix NULL pointer dereference with receive function Michael Paquier <[email protected]> 2026-02-16 23:42 pgsql: hstore: Fix NULL pointer dereference with receive function Michael Paquier <[email protected]> 2026-02-16 23:42 pgsql: hstore: Fix NULL pointer dereference with receive function Michael Paquier <[email protected]> 2026-02-16 23:42 pgsql: hstore: Fix NULL pointer dereference with receive function Michael Paquier <[email protected]> 2026-02-16 23:42 pgsql: hstore: Fix NULL pointer dereference with receive function Michael Paquier <[email protected]> 2026-02-16 23:42 pgsql: hstore: Fix NULL pointer dereference with receive function Michael Paquier <[email protected]>
This inbox is served by agora; see mirroring instructions for how to clone and mirror all data and code used for this inbox