Add a guard against uninitialized default locale

public inbox for [email protected]  
help / color / mirror / Atom feed

Add a guard against uninitialized default locale
3+ messages / 2 participants
[nested] [flat]

* Add a guard against uninitialized default locale
@ 2026-04-24 22:44 Jeff Davis <[email protected]>
  2026-05-14 22:00 ` Re: Add a guard against uninitialized default locale Jeff Davis <[email protected]>
  0 siblings, 1 reply; 3+ messages in thread

From: Jeff Davis @ 2026-04-24 22:44 UTC (permalink / raw)
  To: pgsql-hackers

Not known to be reachable after dbf217c1c7, but defend against similar
issues in the future. For instance, an extension might encounter the
problem by calling pg_newlocale_from_collation(DEFAULT_COLLATION_OID)
from _PG_init(), and end up with a NULL pointer dereference.

Backport through 17, though patch is different in 17 (also attached).

Regards,
	Jeff Davis



Attachments:

  [text/x-patch] v1.19-0001-Guard-against-uninitialized-default-locale.patch (958B, 2-v1.19-0001-Guard-against-uninitialized-default-locale.patch)
  download | inline diff:
From 025a759ff37046dac7864bedc16fcf0b1d1ae9b8 Mon Sep 17 00:00:00 2001
From: Jeff Davis <[email protected]>
Date: Wed, 22 Apr 2026 15:09:27 -0700
Subject: [PATCH v1.19] Guard against uninitialized default locale.

No known problem today, but defend against issues like dbf217c1c7 in
the future.

Backpatch-through: 17
---
 src/backend/utils/adt/pg_locale.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/src/backend/utils/adt/pg_locale.c b/src/backend/utils/adt/pg_locale.c
index 6c5c1019e1e..7cd1a060759 100644
--- a/src/backend/utils/adt/pg_locale.c
+++ b/src/backend/utils/adt/pg_locale.c
@@ -1192,7 +1192,13 @@ pg_newlocale_from_collation(Oid collid)
 	bool		found;
 
 	if (collid == DEFAULT_COLLATION_OID)
+	{
+		/* should not happen */
+		if (default_locale == NULL)
+			elog(ERROR, "default locale not initialized");
+
 		return default_locale;
+	}
 
 	/*
 	 * Some callers expect C_COLLATION_OID to succeed even without catalog
-- 
2.43.0



  [text/x-patch] v1.17-0001-Guard-against-uninitialized-default-locale.patch (1.5K, 3-v1.17-0001-Guard-against-uninitialized-default-locale.patch)
  download | inline diff:
From 4d4c837371fc66850b9499d30dcad43b1f5a764d Mon Sep 17 00:00:00 2001
From: Jeff Davis <[email protected]>
Date: Wed, 22 Apr 2026 15:09:27 -0700
Subject: [PATCH v1.17] Guard against uninitialized default locale.

No known problem today, but defend against issues like dbf217c1c7 in
the future.

Backpatch-through: 17
---
 src/backend/utils/adt/pg_locale.c | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/src/backend/utils/adt/pg_locale.c b/src/backend/utils/adt/pg_locale.c
index aa0114ce120..7a51b953f0a 100644
--- a/src/backend/utils/adt/pg_locale.c
+++ b/src/backend/utils/adt/pg_locale.c
@@ -1361,6 +1361,10 @@ lc_collate_is_c(Oid collation)
 		if (result >= 0)
 			return (bool) result;
 
+		/* should not happen */
+		if (default_locale.provider == '\0')
+			elog(ERROR, "default locale not initialized");
+
 		if (default_locale.provider == COLLPROVIDER_BUILTIN)
 		{
 			result = true;
@@ -1428,6 +1432,10 @@ lc_ctype_is_c(Oid collation)
 		if (result >= 0)
 			return (bool) result;
 
+		/* should not happen */
+		if (default_locale.provider == '\0')
+			elog(ERROR, "default locale not initialized");
+
 		if (default_locale.provider == COLLPROVIDER_BUILTIN)
 		{
 			localeptr = default_locale.info.builtin.locale;
@@ -1586,6 +1594,10 @@ pg_newlocale_from_collation(Oid collid)
 
 	if (collid == DEFAULT_COLLATION_OID)
 	{
+		/* should not happen */
+		if (default_locale.provider == '\0')
+			elog(ERROR, "default locale not initialized");
+
 		if (default_locale.provider == COLLPROVIDER_LIBC)
 			return (pg_locale_t) 0;
 		else
-- 
2.43.0



^ permalink  raw  reply  [nested|flat] 3+ messages in thread

* Re: Add a guard against uninitialized default locale
  2026-04-24 22:44 Add a guard against uninitialized default locale Jeff Davis <[email protected]>
@ 2026-05-14 22:00 ` Jeff Davis <[email protected]>
  2026-05-15 03:42   ` Re: Add a guard against uninitialized default locale Ayush Tiwari <[email protected]>
  0 siblings, 1 reply; 3+ messages in thread

From: Jeff Davis @ 2026-05-14 22:00 UTC (permalink / raw)
  To: pgsql-hackers

On Fri, 2026-04-24 at 15:44 -0700, Jeff Davis wrote:
> Not known to be reachable after dbf217c1c7, but defend against
> similar
> issues in the future. For instance, an extension might encounter the
> problem by calling pg_newlocale_from_collation(DEFAULT_COLLATION_OID)
> from _PG_init(), and end up with a NULL pointer dereference.
> 
> Backport through 17, though patch is different in 17 (also attached).

I plan to commit and backport this soon.

Regards,
	Jeff Davis






^ permalink  raw  reply  [nested|flat] 3+ messages in thread

* Re: Add a guard against uninitialized default locale
  2026-04-24 22:44 Add a guard against uninitialized default locale Jeff Davis <[email protected]>
  2026-05-14 22:00 ` Re: Add a guard against uninitialized default locale Jeff Davis <[email protected]>
@ 2026-05-15 03:42   ` Ayush Tiwari <[email protected]>
  0 siblings, 0 replies; 3+ messages in thread

From: Ayush Tiwari @ 2026-05-15 03:42 UTC (permalink / raw)
  To: Jeff Davis <[email protected]>; +Cc: pgsql-hackers

Hi,

On Fri, 15 May 2026 at 03:30, Jeff Davis <[email protected]> wrote:

> On Fri, 2026-04-24 at 15:44 -0700, Jeff Davis wrote:
> > Not known to be reachable after dbf217c1c7, but defend against
> > similar
> > issues in the future. For instance, an extension might encounter the
> > problem by calling pg_newlocale_from_collation(DEFAULT_COLLATION_OID)
> > from _PG_init(), and end up with a NULL pointer dereference.
> >
> > Backport through 17, though patch is different in 17 (also attached).
>
> I plan to commit and backport this soon.
>
>
The patch looks good to me as it is.

Just one nit in PG 17 patch:

   The provider == '\0' sentinel is correct (valid
   providers are 'b'/'c'/'i'/'d', all nonzero) and the three guarded
   sites (lc_collate_is_c, lc_ctype_is_c, pg_newlocale_from_collation)
   cover the direct consumers symmetrically.  The only thing maybe
   consider is replacing the bare /* should not happen */ above the
   '\0' test with something like /* provider unset; init_database_-
   collation() not yet run */ -- the literal '\0' check reads as a bit
   magical otherwise, but maybe you are doing that to have same
   comment throughout.

Regards,
Ayush

^ permalink  raw  reply  [nested|flat] 3+ messages in thread

end of thread, other threads:[~2026-05-15 03:42 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed)
-- links below jump to the message on this page --
2026-04-24 22:44 Add a guard against uninitialized default locale Jeff Davis <[email protected]>
2026-05-14 22:00 ` Jeff Davis <[email protected]>
2026-05-15 03:42   ` Ayush Tiwari <[email protected]>

This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox