Received: from malur.postgresql.org ([217.196.149.56])
	by arkaria.postgresql.org with esmtps  (TLS1.3) tls
 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.96)
	(envelope-from <pgsql-hackers-owner+archive@lists.postgresql.org>)
	id 1w9ibj-001gD7-2c
	for pgsql-hackers@arkaria.postgresql.org;
	Mon, 06 Apr 2026 11:59:08 +0000
Received: from localhost ([127.0.0.1] helo=malur.postgresql.org)
	by malur.postgresql.org with esmtp (Exim 4.96)
	(envelope-from <pgsql-hackers-owner+archive@lists.postgresql.org>)
	id 1w9ibi-008FMx-12
	for pgsql-hackers@arkaria.postgresql.org;
	Mon, 06 Apr 2026 11:59:06 +0000
Received: from magus.postgresql.org ([2a02:c0:301:0:ffff::29])
	by malur.postgresql.org with esmtps  (TLS1.3) tls
 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.96)
	(envelope-from <andreas@proxel.se>)
	id 1w9ibh-008FMo-30
	for pgsql-hackers@lists.postgresql.org;
	Mon, 06 Apr 2026 11:59:06 +0000
Received: from smtp.outgoing.loopia.se ([93.188.3.37])
	by magus.postgresql.org with esmtps  (TLS1.3) tls
 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.98.2)
	(envelope-from <andreas@proxel.se>)
	id 1w9ibg-00000000tU8-0Cl0
	for pgsql-hackers@lists.postgresql.org;
	Mon, 06 Apr 2026 11:59:06 +0000
Received: from s807.loopia.se (localhost [127.0.0.1])
	by s807.loopia.se (Postfix) with ESMTP id 63145599C9D
	for <pgsql-hackers@lists.postgresql.org>;
 Mon, 06 Apr 2026 13:59:03 +0200 (CEST)
Received: from s980.loopia.se (unknown [172.22.191.6])
	by s807.loopia.se (Postfix) with ESMTP id 4E6D05998A2;
	Mon, 06 Apr 2026 13:59:03 +0200 (CEST)
Received: from localhost (unknown [172.22.191.6])
	by s980.loopia.se (Postfix) with ESMTP id 4A05E22016D2;
	Mon, 06 Apr 2026 13:59:03 +0200 (CEST)
X-Virus-Scanned: amavis at amavis.loopia.se
X-Spam-Flag: NO
X-Spam-Score: -1.2
X-Spam-Level: 
X-Spam-Status: No, score=-1.2 tagged_above=-999 required=6.2
 tests=[ALL_TRUSTED=-1, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1,
 DKIM_VALID_EF=-0.1] autolearn=disabled
Authentication-Results: s898.loopia.se (amavis); dkim=pass (2048-bit key)
 header.d=proxel.se
Received: from s899.loopia.se ([172.22.191.5])
 by localhost (s898.loopia.se [172.22.190.17]) (amavis, port 10024) with LMTP
 id o-TozxFPz7jM; Mon,  6 Apr 2026 13:59:02 +0200 (CEST)
X-Loopia-Auth: user
X-Loopia-User: andreas@proxel.se
X-Loopia-Originating-IP: 147.28.75.140
Received: from [192.168.0.121] (customer-147-28-75-140.stosn.net
 [147.28.75.140])
	(Authenticated sender: andreas@proxel.se)
	by s899.loopia.se (Postfix) with ESMTPSA id 833B42C8BABD;
	Mon, 06 Apr 2026 13:59:02 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=proxel.se;
	s=loopiadkim1707418970; t=1775476742;
	bh=P9UuVoQXfhliKe7B2okYWkaqjXSVMqJf9jdALH7z/kc=;
	h=Date:Subject:To:References:From:In-Reply-To;
	b=l7GsQk2vXEAj+uydaV5P9mXwbmZBizXJkFu8QYAL0EPuQLjrB1Gr+y9ZPKSpuTgfx
	 FqRa8qcShVjwkw5gD9bxQKM2jQH9IMaDdWe7ySmihRIklpVZTls32USJTgAOM5wKUD
	 GTo0IeIpO/aOqM33OBiqKpWc3re41hCowVcjeQlZCE8iC4ftN7TgyKxM0EioUtCjow
	 sbG60h3w8U2cjgq31syzvMoeYyl+TlGWIFAxrJ/2ZpedtK4P5Xvd77DkfgeZxztUUy
	 0YV+VvBl0ZS3YmedsqOFpI/sclxitbiNI5KYMvrqm4GDbFqHL/7rUg3QzO7uMcvBfl
	 Y1UFxCpPed8Bw==
Message-ID: <107eb23a-8ebb-42bc-99c0-ca551733e94e@proxel.se>
Date: Mon, 6 Apr 2026 13:59:01 +0200
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
Subject: Re: DEREF_AFTER_NULL: src/common/jsonapi.c:2529
To: =?UTF-8?B?0JPQsNC70LrQuNC9INCh0LXRgNCz0LXQuQ==?= <galkin@rutoken.ru>,
 "pgsql-hackers@lists.postgresql.org" <pgsql-hackers@lists.postgresql.org>
References: <0b32e30f2fb94ae3b7f4ee15bbb072c0@rutoken.ru>
From: Andreas Karlsson <andreas@proxel.se>
Content-Language: en-US
In-Reply-To: <0b32e30f2fb94ae3b7f4ee15bbb072c0@rutoken.ru>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 8bit
List-Id: <pgsql-hackers.lists.postgresql.org>
List-Help: <https://lists.postgresql.org/manage/>
List-Subscribe: <https://lists.postgresql.org/manage/>
List-Post: <mailto:pgsql-hackers@lists.postgresql.org>
List-Owner: <mailto:pgsql-hackers-owner@lists.postgresql.org>
List-Archive: <https://www.postgresql.org/list/pgsql-hackers>
Archived-At: 
 <https://www.postgresql.org/message-id/107eb23a-8ebb-42bc-99c0-ca551733e94e%40proxel.se>
Precedence: bulk

On 4/6/26 10:26 AM, Галкин Сергей wrote:
> That seemed plausible to me, since there is a comment just above saying 
> that lex->errormsg can be NULL in shlib code. I also checked 
> PQExpBufferBroken(), and it does handle NULL, but that call is under 
> #ifdef, while the final access to lex->errormsg->data is unconditional.
> 
> I may be missing some invariant here, but it seems worth adding an 
> explicit NULL check. I prepared a corresponding patch and am attaching 
> it below in case you agree that this is a real issue.

The code is correct but a bit confusing. When JSONAPI_USE_PQEXPBUFFER is 
not defined jsonapi_makeStringInfo() will call palloc() which cannot 
return NULL so the NULL check (currently done by PQExpBufferBroken()) is 
only necessary when JSONAPI_USE_PQEXPBUFFER is defined.

If someone has a patch improving readability I would personally before 
merging this since this code feels more complex than it ideally should 
be but adding this noop NULL check to silence a false positive from a 
static analyzer does not seem like an improvement.

-- 
Andreas Karlsson
Percona