Received: from malur.postgresql.org ([217.196.149.56]) by arkaria.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1wMLkX-002TEf-2i for pgsql-hackers@arkaria.postgresql.org; Mon, 11 May 2026 08:12:25 +0000 Received: from localhost ([127.0.0.1] helo=malur.postgresql.org) by malur.postgresql.org with esmtp (Exim 4.96) (envelope-from ) id 1wMLkW-0008Ya-1e for pgsql-hackers@arkaria.postgresql.org; Mon, 11 May 2026 08:12:24 +0000 Received: from magus.postgresql.org ([2a02:c0:301:0:ffff::29]) by malur.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1wMLkW-0008YS-0n for pgsql-hackers@lists.postgresql.org; Mon, 11 May 2026 08:12:24 +0000 Received: from mail-pl1-x62b.google.com ([2607:f8b0:4864:20::62b]) by magus.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.98.2) (envelope-from ) id 1wMLkT-000000000K4-3UGs for pgsql-hackers@lists.postgresql.org; Mon, 11 May 2026 08:12:24 +0000 Received: by mail-pl1-x62b.google.com with SMTP id d9443c01a7336-2ad9f316d68so17600095ad.2 for ; Mon, 11 May 2026 01:12:21 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20251104; t=1778487138; x=1779091938; darn=lists.postgresql.org; h=message-id:in-reply-to:to:references:date:subject:mime-version:from :from:to:cc:subject:date:message-id:reply-to; bh=N+o7s0M/jy+BbwA8tmAC6Yf8P1r2JaOw9CoG6GzPhUI=; b=i6YsqqRAdneYbpd5GRHM6rfLClNT9fA0CZWdrSEwx9nSFnQelBYIvjonXS6vnZWwi/ UWP+u/kNdpjY3wYatNQTp3NyIQ1hzol9+PqSvbyTizZG2fJ5ji4ilr+C55eLbkK77Lql VAJBmi4qvFQ1ne5mTF8N0l3j11FEmbZDnGj0Yz5tFm4sZG26fjBFUlADPzFMcCyej1JX 9mc1Yty8nFCXTwFPmxgZw3yUYLUZc7jQnpkj6DI6XmQaK+CPMeCOEXzDVCl66hv/C3XK KQIPT3HnnjPR3QeIS6YRXgnpT3rt7TdX9j5U27gLhfdLVWS27l8idItUEspYp0ySJAsn z8TA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1778487138; x=1779091938; h=message-id:in-reply-to:to:references:date:subject:mime-version:from :x-gm-gg:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=N+o7s0M/jy+BbwA8tmAC6Yf8P1r2JaOw9CoG6GzPhUI=; b=BfINmHwYjjHAVJS3UXHlGMyvk6Kl5sJoI5KM8hIw58Tqoz7wop062PTss72lukV/1e IVwgkjIOJ9rX5VkWNh9klD3wd3swTGJ4V0VbShuTn8mi4WPAWEtqkzqpVm+4i7TesCDu AwQvkclFKQ1oeL2f8jvZRSv8bTQlkBq9luXXSADJ0K7fDDdOGKDOIeYOxI/ReIyEn2Mf iGp11ssAYiAoh5ioSa0LjIbJgZ+82xPm99h0G66ze6GTak5pzJJTNRgtBAfYqTEOWAqr kCnNULV8by5Bftk6+v/JDiyIYuwazunD+WeMrUJHtD3Xjx3K3ExQ7iywk1Zh9XZx9q1r lu9A== X-Gm-Message-State: AOJu0YxnD1AkalduzAi2/ZdPuGT3gjxv2o5Kt19IRGWkohWnKf2hhcq4 9KvDbzKiYHihOxcdSj/aeKWkoSFKdGJU5i5U7l7BoiY1m4MvwTjK29D87eP5fBVwxMg= X-Gm-Gg: Acq92OEbIDTEKAfRj6aygLOXAMNf8aWeL7o1oze9E2du5BTuKlqxEpPoz0zjzZgQMd/ uEp+GSSjgwK145XpanohotX3BS2vexpxNTDkQyNCGrnd8LBUtOZqTuoWLTbYVyGLa4fzhceybUd INN9qXEVFjaL7/OC4H0pOaAnM5IkOtHrHSdIrI5vs9A5O/TMsu6HrMf6LG+69J567C9ucBGPYmV L+Jix3k4bI/EuSw5Ak+WG7eSadH9gVlbiLCeMEe7r2FLl3dpU5egEydZ/Avtah9M0PeBlGzAvCr 5VXmO1S5FdjF4Prq40pYwaKMeZHiLQLfJEmvdRwq/4Sxp8tEQ+fMlQ0sI+m30EsuIzBssTp1K2e RMXtxWJG+gv6LzbLFiN3s+TbLTrsbkPO8i1w70yb7zSLelioavwpf/Gd2qMbnx04JNoPeyFNXhd qpbnJ7TdIcTgICY44RneAdJjDA7wDYPjid X-Received: by 2002:a17:902:e54e:b0:2ba:22db:e1e0 with SMTP id d9443c01a7336-2ba78e4b3a6mr252631115ad.10.1778487137681; Mon, 11 May 2026 01:12:17 -0700 (PDT) Received: from smtpclient.apple ([185.135.79.161]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-2baf1d40597sm92468285ad.22.2026.05.11.01.12.15 for (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Mon, 11 May 2026 01:12:16 -0700 (PDT) From: Chao Li Content-Type: multipart/mixed; boundary="Apple-Mail=_0F3677CC-9807-4D1D-BF1D-F08E579B5AAF" Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3864.400.21\)) Subject: Re: Fix unsafe PlannedStmt access in pg_stat_statements Date: Mon, 11 May 2026 16:11:41 +0800 References: <2F91906A-F2B5-4A6B-9695-D136957D4545@gmail.com> To: PostgreSQL Hackers In-Reply-To: <2F91906A-F2B5-4A6B-9695-D136957D4545@gmail.com> Message-Id: X-Mailer: Apple Mail (2.3864.400.21) List-Id: List-Help: List-Subscribe: List-Post: List-Owner: List-Archive: Archived-At: Precedence: bulk --Apple-Mail=_0F3677CC-9807-4D1D-BF1D-F08E579B5AAF Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=us-ascii > On May 11, 2026, at 16:07, Chao Li wrote: >=20 > Hi, >=20 > I spotted this small issue while working on [1]. >=20 > In pgss_ProcessUtility(), there is this comment: > ``` > /* > * CAUTION: do not access the *pstmt data structure again below here. > * If it was a ROLLBACK or similar, that data structure may have been > * freed. We must copy everything we still need into local variables, > * which we did above. > * > * For the same reason, we can't risk restoring pstmt->queryId to its > * former value, which'd otherwise be a good idea. > */ > ``` >=20 > However, commit 3357471cf9f5e470dfed0c7919bcf31c7efaf2b9 added a new = access to pstmt after that point: > ``` > pgss_store(queryString, > saved_queryId, > saved_stmt_location, > saved_stmt_len, > PGSS_EXEC, > INSTR_TIME_GET_MILLISEC(duration), > rows, > &bufusage, > &walusage, > NULL, > NULL, > 0, > 0, > pstmt->planOrigin); > ``` >=20 > The attached patch fixes this by saving pstmt->planOrigin, following = the same pattern already used for queryId, stmt_location, and stmt_len. >=20 > [1] = https://www.postgresql.org/message-id/8ED8C22D-54CD-4EC4-B53C-D39F935FA83D= %40gmail.com >=20 > Best regards, > -- > Chao Li (Evan) > HighGo Software Co., Ltd. > https://www.highgo.com/ >=20 Oops! Forgot the attachment. Best regards, -- Chao Li (Evan) HighGo Software Co., Ltd. https://www.highgo.com/ --Apple-Mail=_0F3677CC-9807-4D1D-BF1D-F08E579B5AAF Content-Disposition: attachment; filename=v1-0001-Fix-unsafe-PlannedStmt-access-in-pg_stat_statemen.patch Content-Type: application/octet-stream; x-unix-mode=0644; name="v1-0001-Fix-unsafe-PlannedStmt-access-in-pg_stat_statemen.patch" Content-Transfer-Encoding: quoted-printable =46rom=2005da7b75b455b8d0e30d9a77d5fbe3ca4eccae8e=20Mon=20Sep=2017=20= 00:00:00=202001=0AFrom:=20"Chao=20Li=20(Evan)"=20=0A= Date:=20Mon,=2011=20May=202026=2015:43:53=20+0800=0ASubject:=20[PATCH=20= v1]=20Fix=20unsafe=20PlannedStmt=20access=20in=20pg_stat_statements=0A=0A= Author:=20Chao=20Li=20=0A---=0A=20= contrib/pg_stat_statements/pg_stat_statements.c=20|=203=20++-=0A=201=20= file=20changed,=202=20insertions(+),=201=20deletion(-)=0A=0Adiff=20--git=20= a/contrib/pg_stat_statements/pg_stat_statements.c=20= b/contrib/pg_stat_statements/pg_stat_statements.c=0Aindex=20= 95a5411a39d..a2d3ab770cc=20100644=0A---=20= a/contrib/pg_stat_statements/pg_stat_statements.c=0A+++=20= b/contrib/pg_stat_statements/pg_stat_statements.c=0A@@=20-1099,6=20= +1099,7=20@@=20pgss_ProcessUtility(PlannedStmt=20*pstmt,=20const=20char=20= *queryString,=0A=20=09int64=09=09saved_queryId=20=3D=20pstmt->queryId;=0A= =20=09int=09=09=09saved_stmt_location=20=3D=20pstmt->stmt_location;=0A=20= =09int=09=09=09saved_stmt_len=20=3D=20pstmt->stmt_len;=0A+=09= PlannedStmtOrigin=20saved_planOrigin=20=3D=20pstmt->planOrigin;=0A=20=09= bool=09=09enabled=20=3D=20pgss_track_utility=20&&=20= pgss_enabled(nesting_level);=0A=20=0A=20=09/*=0A@@=20-1210,7=20+1211,7=20= @@=20pgss_ProcessUtility(PlannedStmt=20*pstmt,=20const=20char=20= *queryString,=0A=20=09=09=09=09=20=20=20NULL,=0A=20=09=09=09=09=20=20=20= 0,=0A=20=09=09=09=09=20=20=200,=0A-=09=09=09=09=20=20=20= pstmt->planOrigin);=0A+=09=09=09=09=20=20=20saved_planOrigin);=0A=20=09}=0A= =20=09else=0A=20=09{=0A--=20=0A2.50.1=20(Apple=20Git-155)=0A=0A= --Apple-Mail=_0F3677CC-9807-4D1D-BF1D-F08E579B5AAF--