public inbox for [email protected]
help / color / mirror / Atom feedFrom: Jeff Davis <[email protected]>
To: [email protected]
Subject: Fix minor memory leak in connection string validation
Date: Fri, 12 Jan 2024 15:06:26 -0800
Message-ID: <[email protected]> (raw)
Introduced in commit c3afe8cf5a.
Someone issuing repeated "CREATE SUBSCRIPTION" commands where the
connection has no password and must_have_password is true will leak
malloc'd memory in the error path. Minor issue in practice, because I
suspect that a user privileged enough to create a subscription could
cause bigger problems.
It makes me wonder if we should use the resowner mechanism to track
pointers to malloc'd memory. Then we could use a standard pattern for
these kinds of cases, and it would also catch more remote issues, like
if a pstrdup() fails in an error path (which can happen a few lines up
if the parse fails).
Patch attached; intended for 16 and 17.
Regards,
Jeff Davis
Attachments:
[text/x-patch] 0001-Fix-memory-leak-in-connection-string-validation.patch (1.1K, ../[email protected]/2-0001-Fix-memory-leak-in-connection-string-validation.patch)
download | inline diff:
From cbce9f5a6d1f7a7ce19473c45ac4cc74bca49c0e Mon Sep 17 00:00:00 2001
From: Jeff Davis <[email protected]>
Date: Fri, 12 Jan 2024 14:39:05 -0800
Subject: [PATCH] Fix memory leak in connection string validation.
Introduced in commit c3afe8cf5a.
Backpatch-through: 16
---
src/backend/replication/libpqwalreceiver/libpqwalreceiver.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/src/backend/replication/libpqwalreceiver/libpqwalreceiver.c b/src/backend/replication/libpqwalreceiver/libpqwalreceiver.c
index ead30f87c9..201c36cb22 100644
--- a/src/backend/replication/libpqwalreceiver/libpqwalreceiver.c
+++ b/src/backend/replication/libpqwalreceiver/libpqwalreceiver.c
@@ -284,10 +284,15 @@ libpqrcv_check_conninfo(const char *conninfo, bool must_use_password)
}
if (!uses_password)
+ {
+ /* malloc'd, so we must free it explicitly */
+ PQconninfoFree(opts);
+
ereport(ERROR,
(errcode(ERRCODE_S_R_E_PROHIBITED_SQL_STATEMENT_ATTEMPTED),
errmsg("password is required"),
errdetail("Non-superusers must provide a password in the connection string.")));
+ }
}
PQconninfoFree(opts);
--
2.34.1
view thread (3+ messages) latest in thread
reply
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Reply to all the recipients using the --to and --cc options:
reply via email
To: [email protected]
Cc: [email protected]
Subject: Re: Fix minor memory leak in connection string validation
In-Reply-To: <[email protected]>
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox