Received: from malur.postgresql.org ([217.196.149.56])
	by arkaria.postgresql.org with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.96)
	(envelope-from <pgsql-hackers-owner+archive@lists.postgresql.org>)
	id 1vdXpr-0020rD-1P
	for pgsql-hackers@arkaria.postgresql.org;
	Wed, 07 Jan 2026 18:00:44 +0000
Received: from localhost ([127.0.0.1] helo=malur.postgresql.org)
	by malur.postgresql.org with esmtp (Exim 4.96)
	(envelope-from <pgsql-hackers-owner+archive@lists.postgresql.org>)
	id 1vdXpq-00F2XH-0x
	for pgsql-hackers@arkaria.postgresql.org;
	Wed, 07 Jan 2026 18:00:43 +0000
Received: from makus.postgresql.org ([2001:4800:3e1:1::229])
	by malur.postgresql.org with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.96)
	(envelope-from <gowdashru@gmail.com>)
	id 1vdXpp-00F2X7-2X
	for pgsql-hackers@lists.postgresql.org;
	Wed, 07 Jan 2026 18:00:42 +0000
Received: from mail-ot1-x32c.google.com ([2607:f8b0:4864:20::32c])
	by makus.postgresql.org with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
	(Exim 4.96)
	(envelope-from <gowdashru@gmail.com>)
	id 1vdXpp-004kZU-04
	for pgsql-hackers@postgresql.org;
	Wed, 07 Jan 2026 18:00:41 +0000
Received: by mail-ot1-x32c.google.com with SMTP id 46e09a7af769-7c7533dbd87so1692404a34.2
        for <pgsql-hackers@postgresql.org>; Wed, 07 Jan 2026 10:00:40 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20230601; t=1767808840; x=1768413640; darn=postgresql.org;
        h=cc:to:subject:message-id:date:from:in-reply-to:references
         :mime-version:from:to:cc:subject:date:message-id:reply-to;
        bh=UMdQ1UqmpYDll91YGzxjZX6Rg6umb7EeK3ORz9xESNk=;
        b=TzF/kOgE/px7pK3y+LMSvjuif80siV0DGlosYimmTRqZTGZC4hreysX3eapwj9MIcA
         1ugwjHEkXtWhnMJZeRCMYVviGaDJJW35j+NLPnDyGJ6oOXxeWOiDSk4kKjjbxCd2wOK6
         2jnZlbKdGxdzHNHHiCcdAKQ2Gf2DIMDteCNPXSjd/leGog7LU1DLiWOXZ2Rd32lugd0/
         s7zoQ1Z8Sr0ijqLc6IMztDJYT030KZlWyU5xAgtF9RvXqMUU7dtW/TTb8fVTPnL1dDUm
         nqb9YsXR5mvNe97ZGi4ulzVGRJY3mh8yFi1js1xssZciEyHU8Wwd67bb5tDp1YNAOOgy
         sGgQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1767808840; x=1768413640;
        h=cc:to:subject:message-id:date:from:in-reply-to:references
         :mime-version:x-gm-gg:x-gm-message-state:from:to:cc:subject:date
         :message-id:reply-to;
        bh=UMdQ1UqmpYDll91YGzxjZX6Rg6umb7EeK3ORz9xESNk=;
        b=tj7BFSAhBx/xwvLUmrDBu27+TdCfkhEek0NjOW5VPPT9AtBqTTPzZpBnQ4zz0xY1zb
         KtpIGGLzdSxPfzdrWdp5HJzV2TFafOrI1LwdqvfBJ63yd4sO8KQR4Cbhx2pHtivggBVO
         mho9Yx424DGpM5plCWEYt7PBnFZpZQANThNQHHA/PTepnwlimohldf8BQAVLPeznhuwf
         mTFVCPMLIp7eImxlZ3fhMetBVCln8bBTkBBwa6NCaSO/y5VTJZp5dkZeeY+YWt6qDlMj
         cGWFfsXCyMcKOnp4KDAhEsKfbqy4rWi1+ZUZFmiVCPhMVBSCQqBNzux/FB1mjaJxFyJ2
         EKIA==
X-Gm-Message-State: AOJu0Yz9Gdhuq/f34yzmT5WRlkHfBsfjhBPuws1/33HI68PSQma2yAUW
	pASYrlC8folO0SsCQC0AlEKQvw9wiKUJI4WxHkBZCXujUo02RCFkLLoWvHJ4G8+4/LNLRekQ2V5
	JN1GEfD14yRZBVj6UI4rQ8blARCh18/M=
X-Gm-Gg: AY/fxX45KVmPuIJsAcO3OZQ2YQocxbRUX4jYA1Tl5PzBQrBKYLbE6sGUgUvqkGuv6gm
	3ZH11I6zJZNYmI/cK+57ELOYV0//5ire3qPxnTtzMpobyKr10Xh5C5TgLWHi+piCp6607d+b/VN
	X8HVNvdj+I5g/j6PnOcKO4FqR8jAn90G8Dar5ZRkMN5YtR0bFgg1enJ6VwELFtYJQkwfrHvCqki
	tpI8IqvfIvwa311X7sxD8+TtHfUyCTazmWklkFBtQ8jdI+uDJ116QlMUFX7JpOzLPLcpVIa
X-Google-Smtp-Source: AGHT+IFftzySoIzmbNjs2HID+FdI6zXgTkCCj3ZoORLnkN78ZJNh+IBplv1qEPelX0vw6o3VN2KhVc/fwNNYgKZHvD8=
X-Received: by 2002:a05:6830:3c07:b0:7c7:68d6:5925 with SMTP id
 46e09a7af769-7ce50bc2392mr1606296a34.27.1767808839000; Wed, 07 Jan 2026
 10:00:39 -0800 (PST)
MIME-Version: 1.0
References: <CAASxf_P1F75Ck+0qyb10auT+BORupOM4yigXBnm7aWRNx1LYcA@mail.gmail.com>
 <3007317.1765210195@sss.pgh.pa.us>
In-Reply-To: <3007317.1765210195@sss.pgh.pa.us>
From: Shruthi Gowda <gowdashru@gmail.com>
Date: Wed, 7 Jan 2026 23:30:27 +0530
X-Gm-Features: AQt7F2oDO6iec5sov7a9ZNo5hQqlfO0bFDOtWv6ZhHfDDvGN_5WNx5l5vDQGwow
Message-ID: <CAASxf_P5f=Frf8S7rN9BzphtCLoeN9vFuh-V7ukotOQZU54g+w@mail.gmail.com>
Subject: Re: [BUG] CRASH: ECPGprepared_statement() and ECPGdeallocate_all()
 when connection is NULL
To: Tom Lane <tgl@sss.pgh.pa.us>
Cc: PostgreSQL Development <pgsql-hackers@postgresql.org>
Content-Type: multipart/mixed; boundary="000000000000e13d440647d011f6"
List-Id: <pgsql-hackers.lists.postgresql.org>
List-Help: <https://lists.postgresql.org/manage/>
List-Subscribe: <https://lists.postgresql.org/manage/>
List-Post: <mailto:pgsql-hackers@lists.postgresql.org>
List-Owner: <mailto:pgsql-hackers-owner@lists.postgresql.org>
List-Archive: <https://www.postgresql.org/list/pgsql-hackers>
Archived-At: <https://www.postgresql.org/message-id/CAASxf_P5f%3DFrf8S7rN9BzphtCLoeN9vFuh-V7ukotOQZU54g%2Bw%40mail.gmail.com>
Precedence: bulk

--000000000000e13d440647d011f6
Content-Type: multipart/alternative; boundary="000000000000e13d430647d011f4"

--000000000000e13d430647d011f4
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

On Mon, Dec 8, 2025 at 9:39=E2=80=AFPM Tom Lane <tgl@sss.pgh.pa.us> wrote:

> Shruthi Gowda <gowdashru@gmail.com> writes:
> > The ECPG application crashes with a segmentation fault when calling
> > specific deallocation or prepared statement functions without an
> > established database connection. This is caused by a missing NULL check
> on
> > the connection handle before attempting to access it.
>
> Hmm ... poking around, I see several other places that aren't checking
> the result of ecpg_get_connection.  Shouldn't we tighten them all?
>
>                         regards, tom lane
>

I agree. I=E2=80=99ve reviewed all occurrences of ecpg_get_connection() and=
 noted
that, in most instances, it is followed by ecpg_init(), which validates the
connection and returns immediately if the connection is NULL.
In a few cases, the caller had already validated the connection. However, I
identified an additional case that lacked this check, so I have revised the
patch to include the missing validation.


Thanks & Regards,

Shruthi K C

EnterpriseDB: http://www.enterprisedb.com

--000000000000e13d430647d011f4
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr"><div dir=3D"ltr"><br></div><div class=3D"gmail_quote gmail=
_quote_container"><div dir=3D"ltr" class=3D"gmail_attr">On Mon, Dec 8, 2025=
 at 9:39=E2=80=AFPM Tom Lane &lt;<a href=3D"mailto:tgl@sss.pgh.pa.us">tgl@s=
ss.pgh.pa.us</a>&gt; wrote:<br></div><blockquote class=3D"gmail_quote" styl=
e=3D"margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);paddin=
g-left:1ex">Shruthi Gowda &lt;<a href=3D"mailto:gowdashru@gmail.com" target=
=3D"_blank">gowdashru@gmail.com</a>&gt; writes:<br>
&gt; The ECPG application crashes with a segmentation fault when calling<br=
>
&gt; specific deallocation or prepared statement functions without an<br>
&gt; established database connection. This is caused by a missing NULL chec=
k on<br>
&gt; the connection handle before attempting to access it.<br>
<br>
Hmm ... poking around, I see several other places that aren&#39;t checking<=
br>
the result of ecpg_get_connection.=C2=A0 Shouldn&#39;t we tighten them all?=
<br>
<br>
=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=
=A0 =C2=A0 regards, tom lane<br></blockquote><div><br></div><div>I agree. I=
=E2=80=99ve reviewed all occurrences of <code>ecpg_get_connection()</code> =
and noted that, in most instances, it is followed by <code>ecpg_init()</cod=
e>, which validates the connection and returns immediately if the=C2=A0conn=
ection is NULL.</div><div>In a few cases, the caller had already validated =
the connection. However, I identified an additional case that lacked this c=
heck, so I have revised the patch to include the missing validation.</div><=
div><br></div><div><br></div><div><p>Thanks &amp; Regards,</p><p>Shruthi K =
C</p><p>EnterpriseDB<span style=3D"color:rgb(136,136,136)">:=C2=A0</span><a=
 href=3D"http://www.enterprisedb.com/" rel=3D"noreferrer" target=3D"_blank"=
>http://www.enterprisedb.com</a></p></div></div></div>

--000000000000e13d430647d011f4--
--000000000000e13d440647d011f6
Content-Type: application/octet-stream; 
	name="v2-0001-Add-missing-connection-validation-in-ECPG.patch"
Content-Disposition: attachment; 
	filename="v2-0001-Add-missing-connection-validation-in-ECPG.patch"
Content-Transfer-Encoding: base64
Content-ID: <f_mk4bpba90>
X-Attachment-Id: f_mk4bpba90

RnJvbSAxYjM3YzRlZDQ5Yjg0Y2U2NDZhNTlkM2JkNjE1ZTg5YzAyYjc2MzhmIE1vbiBTZXAgMTcg
MDA6MDA6MDAgMjAwMQpGcm9tOiBzaHJ1dGhpIGdvd2RhIDxzaHJ1dGhpLmtjQGVudGVycHJpc2Vk
Yi5jb20+CkRhdGU6IFdlZCwgNyBKYW4gMjAyNiAxMjo0Mjo0NyArMDAwMApTdWJqZWN0OiBbUEFU
Q0ggdjJdIEFkZCBtaXNzaW5nIGNvbm5lY3Rpb24gdmFsaWRhdGlvbiBpbiBFQ1BHCgpFbnN1cmUg
dGhhdCBFQ1BHIGNvbm5lY3Rpb25zIGFyZSB2YWxpZGF0ZWQgYmVmb3JlIHVzZSB0byBwcmV2ZW50
CmFwcGxpY2F0aW9uIGNyYXNoZXMuIFRoaXMgYWxsb3dzIHRoZSBzeXN0ZW0gdG8gaGFuZGxlIGRp
c2Nvbm5lY3RlZApzdGF0ZXMgZ3JhY2VmdWxseSBieSB0aHJvd2luZyBhIHByb3BlciBlcnJvciBp
bnN0ZWFkIG9mCnNlZ2ZhdWx0aW5nLgotLS0KIHNyYy9pbnRlcmZhY2VzL2VjcGcvZWNwZ2xpYi9k
ZXNjcmlwdG9yLmMgfCAgOCArKysrKysrKwogc3JjL2ludGVyZmFjZXMvZWNwZy9lY3BnbGliL3By
ZXBhcmUuYyAgICB8IDI0ICsrKysrKysrKysrKysrKysrKysrLS0tLQogMiBmaWxlcyBjaGFuZ2Vk
LCAyOCBpbnNlcnRpb25zKCspLCA0IGRlbGV0aW9ucygtKQoKZGlmZiAtLWdpdCBhL3NyYy9pbnRl
cmZhY2VzL2VjcGcvZWNwZ2xpYi9kZXNjcmlwdG9yLmMgYi9zcmMvaW50ZXJmYWNlcy9lY3BnL2Vj
cGdsaWIvZGVzY3JpcHRvci5jCmluZGV4IDM5Y2Q1MTMwZWM5Li4wMmRmMWY3MzQ1YiAxMDA2NDQK
LS0tIGEvc3JjL2ludGVyZmFjZXMvZWNwZy9lY3BnbGliL2Rlc2NyaXB0b3IuYworKysgYi9zcmMv
aW50ZXJmYWNlcy9lY3BnL2VjcGdsaWIvZGVzY3JpcHRvci5jCkBAIC01MDcsNiArNTA3LDE0IEBA
IEVDUEdnZXRfZGVzYyhpbnQgbGluZW5vLCBjb25zdCBjaGFyICpkZXNjX25hbWUsIGludCBpbmRl
eCwuLi4pCiAKIAkJLyogZGVzcGVyYXRlIHRyeSB0byBndWVzcyBzb21ldGhpbmcgc2Vuc2libGUg
Ki8KIAkJc3RtdC5jb25uZWN0aW9uID0gZWNwZ19nZXRfY29ubmVjdGlvbihOVUxMKTsKKwkJaWYg
KCFzdG10LmNvbm5lY3Rpb24pCisJCXsKKwkJCWVjcGdfcmFpc2UobGluZW5vLCBFQ1BHX05PX0NP
Tk4sIEVDUEdfU1FMU1RBVEVfQ09OTkVDVElPTl9ET0VTX05PVF9FWElTVCwKKwkJCQkJCWVjcGdf
Z2V0dGV4dCgiTlVMTCIpKTsKKwkJCXZhX2VuZChhcmdzKTsKKwkJCXJldHVybiBmYWxzZTsKKwkJ
fQorCiAJCWVjcGdfc3RvcmVfcmVzdWx0KEVDUEdyZXN1bHQsIGluZGV4LCAmc3RtdCwgJmRhdGFf
dmFyKTsKIAogI2lmZGVmIEhBVkVfVVNFTE9DQUxFCmRpZmYgLS1naXQgYS9zcmMvaW50ZXJmYWNl
cy9lY3BnL2VjcGdsaWIvcHJlcGFyZS5jIGIvc3JjL2ludGVyZmFjZXMvZWNwZy9lY3BnbGliL3By
ZXBhcmUuYwppbmRleCA1YzdjNTM5NzUzNS4uOTZiZTQzOTY0MTUgMTAwNjQ0Ci0tLSBhL3NyYy9p
bnRlcmZhY2VzL2VjcGcvZWNwZ2xpYi9wcmVwYXJlLmMKKysrIGIvc3JjL2ludGVyZmFjZXMvZWNw
Zy9lY3BnbGliL3ByZXBhcmUuYwpAQCAtMzgxLDggKzM4MSwxNiBAQCBlY3BnX2RlYWxsb2NhdGVf
YWxsX2Nvbm4oaW50IGxpbmVubywgZW51bSBDT01QQVRfTU9ERSBjLCBzdHJ1Y3QgY29ubmVjdGlv
biAqY29uKQogYm9vbAogRUNQR2RlYWxsb2NhdGVfYWxsKGludCBsaW5lbm8sIGludCBjb21wYXQs
IGNvbnN0IGNoYXIgKmNvbm5lY3Rpb25fbmFtZSkKIHsKLQlyZXR1cm4gZWNwZ19kZWFsbG9jYXRl
X2FsbF9jb25uKGxpbmVubywgY29tcGF0LAotCQkJCQkJCQkJZWNwZ19nZXRfY29ubmVjdGlvbihj
b25uZWN0aW9uX25hbWUpKTsKKwlzdHJ1Y3QgY29ubmVjdGlvbiAqY29uOworCisJY29uID0gZWNw
Z19nZXRfY29ubmVjdGlvbihjb25uZWN0aW9uX25hbWUpOworCWlmICghY29uKQorCXsKKwkJZWNw
Z19yYWlzZShsaW5lbm8sIEVDUEdfTk9fQ09OTiwgRUNQR19TUUxTVEFURV9DT05ORUNUSU9OX0RP
RVNfTk9UX0VYSVNULAorCQkJCSAgIGNvbm5lY3Rpb25fbmFtZSA/IGNvbm5lY3Rpb25fbmFtZSA6
IGVjcGdfZ2V0dGV4dCgiTlVMTCIpKTsKKwkJcmV0dXJuIGZhbHNlOworCX0KKwlyZXR1cm4gZWNw
Z19kZWFsbG9jYXRlX2FsbF9jb25uKGxpbmVubywgY29tcGF0LCBjb24pOwogfQogCiBjaGFyICoK
QEAgLTM5OSw5ICs0MDcsMTcgQEAgZWNwZ19wcmVwYXJlZChjb25zdCBjaGFyICpuYW1lLCBzdHJ1
Y3QgY29ubmVjdGlvbiAqY29uKQogY2hhciAqCiBFQ1BHcHJlcGFyZWRfc3RhdGVtZW50KGNvbnN0
IGNoYXIgKmNvbm5lY3Rpb25fbmFtZSwgY29uc3QgY2hhciAqbmFtZSwgaW50IGxpbmVubykKIHsK
LQkodm9pZCkgbGluZW5vOwkJCQkvKiBrZWVwIHRoZSBjb21waWxlciBxdWlldCAqLworCXN0cnVj
dCBjb25uZWN0aW9uICpjb247CisKKwljb24gPSBlY3BnX2dldF9jb25uZWN0aW9uKGNvbm5lY3Rp
b25fbmFtZSk7CisJaWYgKCFjb24pCisJeworCQllY3BnX3JhaXNlKGxpbmVubywgRUNQR19OT19D
T05OLCBFQ1BHX1NRTFNUQVRFX0NPTk5FQ1RJT05fRE9FU19OT1RfRVhJU1QsCisJCQkJICAgY29u
bmVjdGlvbl9uYW1lID8gY29ubmVjdGlvbl9uYW1lIDogZWNwZ19nZXR0ZXh0KCJOVUxMIikpOwor
CQlyZXR1cm4gTlVMTDsKKwl9CiAKLQlyZXR1cm4gZWNwZ19wcmVwYXJlZChuYW1lLCBlY3BnX2dl
dF9jb25uZWN0aW9uKGNvbm5lY3Rpb25fbmFtZSkpOworCXJldHVybiBlY3BnX3ByZXBhcmVkKG5h
bWUsIGNvbik7CiB9CiAKIC8qCi0tIAoyLjQzLjAKCg==
--000000000000e13d440647d011f6--