Out-of-bounds access (ARRAY_VS_SINGLETON) (src/backend/access/nbtree/nbtdedup.c)
Hi,
Per Coverity.
ARRAY vs SINGLETON
If variable htids is accessed like an array, but is a simple pointer, it can be
"This might corrupt or misinterpret adjacent memory locations."
at line 723:
/* Form standard non-pivot tuple */
itup->t_info &= ~INDEX_ALT_TID_MASK;
htids = &itup->t_tid;
1. Here htids is a SINGLETON?
So:
At line 723:
htids[ui++] = *BTreeTupleGetPostingN(origtuple, i);
2. htids is accessed as an ARRAY?
And is accessed at positions 0 and 1, according to (nhtids == 1):
Assert(ui == nhtids);
The htids[1] is destroying something at this memory position.
regards,
Ranier Vilela
On Tue, Aug 25, 2020 at 10:15 AM Ranier Vilela <ranier.vf@gmail.com> wrote:
> If variable htids is accessed like an array, but is a simple pointer, it can be
> "This might corrupt or misinterpret adjacent memory locations."
This exact Coverity complaint has already been discussed, and marked
as a false positive on the community's Coverity installation.
--
Peter Geoghegan
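
A simplified model of the pattern the report quotes (a pointer to one element, written through htids[ui++]), added here as an example; it is not PostgreSQL code and comes from neither message. The Tid and Tuple types, the function names and the sample data are constructed, and the skip-deleted loop is an assumption about the surrounding code that the thread does not show. It makes visible that index 1 is reached only when more than one TID survives.

```c
#include <stdio.h>

/* Constructed stand-ins; not PostgreSQL's ItemPointerData or IndexTuple. */
typedef struct { unsigned block; unsigned short offset; } Tid;
typedef struct { Tid t_tid; unsigned short t_info; } Tuple;

/*
 * Copy the TIDs of orig[0..norig) whose index is not listed in deleted[]
 * (sorted ascending) into dest[], the way the quoted loop uses htids[ui++].
 * A write at or beyond capacity is refused, so an out-of-bounds access is
 * reported instead of performed. Returns the number of TIDs written, or -1
 * if a write past capacity would have been needed.
 */
static int copy_survivors(Tid *dest, int capacity, const Tid *orig, int norig,
                          const int *deleted, int ndeleted)
{
    int ui = 0, d = 0;
    for (int i = 0; i < norig; i++) {
        if (d < ndeleted && deleted[d] == i) { d++; continue; }
        if (ui >= capacity) return -1;   /* would be htids[1] on a singleton */
        dest[ui++] = orig[i];
    }
    return ui;
}

/* Singleton case from the report: dest is &tup.t_tid, so capacity is 1. */
static int singleton_case(const int *deleted, int ndeleted, Tid *out)
{
    const Tid orig[3] = {{10, 1}, {10, 2}, {11, 5}};   /* constructed sample */
    Tuple tup = {{0, 0}, 0};
    Tid *htids = &tup.t_tid;
    int n = copy_survivors(htids, 1, orig, 3, deleted, ndeleted);
    *out = tup.t_tid;
    return n;
}

int main(void)
{
    Tid got;
    int del_two[] = {0, 2};   /* one survivor: only htids[0] is written */
    int del_one[] = {1};      /* two survivors: htids[1] would be needed */
    printf("one survivor:  %d\n", singleton_case(del_two, 2, &got));
    printf("two survivors: %d\n", singleton_case(del_one, 1, &got));
    return 0;
}
```

Whether the singleton destination is safe therefore depends on the caller guaranteeing that the survivor count equals 1 on that branch, which is the invariant Assert(ui == nhtids) checks in the quoted code.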