Message-ID: From: "jarvis24young (@jarvis24young)" To: "postgresql-interfaces/psqlodbc" Date: Tue, 28 Apr 2026 07:11:53 +0000 Subject: [postgresql-interfaces/psqlodbc] PR #179: Handle ARD bookmark allocation failure List-Id: X-GitHub-Author-Id: 48787405 X-GitHub-Author-Login: jarvis24young X-GitHub-Issue: 179 X-GitHub-Repo: postgresql-interfaces/psqlodbc X-GitHub-State: merged X-GitHub-Type: pull_request X-GitHub-Url: https://github.com/postgresql-interfaces/psqlodbc/pull/179 Content-Type: text/plain; charset=utf-8 ## Summary This hardens ARD bookmark allocation so low-memory failures are reported as ODBC errors instead of dereferencing a NULL pointer. `ARD_AllocBookmark()` previously called `malloc(sizeof(BindInfoClass))` and immediately cleared the returned pointer. If the allocation failed, statement allocation or bookmark binding could crash the host process. The patch: - returns `NULL` from `ARD_AllocBookmark()` when bookmark allocation fails; - handles that failure in `PGAPI_AllocStmt()` by removing the partially registered statement, destroying it, clearing the output handle, and returning `SQL_ERROR` with the existing statement allocation diagnostic; - handles the same failure in `SQLBindCol()` bookmark-column binding with `STMT_NO_MEMORY_ERROR`; - handles ARD bookmark descriptor field updates with `DESC_NO_MEMORY_ERROR`; - adds a black-box ODBC regression test for the normal statement-allocation path that initializes the ARD bookmark. ## Validation Built and tested in WSL against the real driver through unixODBC. Default regression checks: ```sh cd ~/psqlodbc-current-oom/test ODBCSYSINI=. ODBCINSTINI=./odbcinst.ini ODBCINI=./odbc.ini \ ./runsuite ard-bookmark-oom bookmark bulkoperations --inputdir=. ``` Result: ```text ok 1 - ard-bookmark-oom ok 2 - bookmark ok 3 - bulkoperations ``` Manual OOM fault-injection validation with the real driver: ```sh PODBC_FAIL_MALLOC_SIZE=40 PODBC_FAIL_MALLOC_N=178 \ LD_PRELOAD=./exe/malloc_fail_shim.so \ ODBCSYSINI=. ODBCINSTINI=./odbcinst.ini ODBCINI=./odbc.ini \ ./exe/ard-bookmark-oom-bugwatch-test ``` Before the fix this produced `Segmentation fault (core dumped)` at `descriptor.c:345` via `statement.c:232`. After the fix it returns a normal ODBC allocation error without crashing: ```text SQLAllocHandle stmt rc=-1 hstmt=(nil) HY001=No more memory to allocate a further SQL-statement statement allocation returned an error without crashing ``` The LD_PRELOAD fault-injection harness is not registered in the portable regression suite; the committed regression test covers the public ODBC statement-allocation path under normal conditions.