Participants
PostgreSQL Bugs List
PostgreSQL Bugs List
Tom Lane
Tom Lane
Attachments
Show all attachments
Thread Outline
#1PostgreSQL Bugs ListPostgreSQL Bugs List
Dec 17, 2000
#2Tom LaneTom Laneto PostgreSQL Bugs List (#1)
Dec 17, 2000

pg_dump fails to dump database

Started by PostgreSQL Bugs Listover 25 years ago2 messagesbugs
Jump to latest
#1PostgreSQL Bugs List
PostgreSQL Bugs List
pgsql-bugs@postgresql.org

Mirek Hankus (M.Hankus@ce3.pl) reports a bug with a severity of 2
The lower the number the more severe it is.

Short Description
pg_dump fails to dump database

Long Description
pg_dump in postgreSQL 7.0.3 fails to dump database. Problem is becomeUser procedure in which lastusername stores pointer to name of username which is currently connected. becomeUser is called for the first time in dumpSchema, which allocated memory, calls becomeUser and then frees memory. Then becomeUser is called again during dumping of table data, but lastusername points to deallocated memory, so it receives SIGSEGV (in strcmp).

Solution.

Use strdup to copy username, and do not use pointer to memory allocated in other procedures

In my case this bug made it imposible to backup database, upgrade also will be imposible.

Sample Code

No file was uploaded with this report

#2Tom Lane
Tom Lane
tgl@sss.pgh.pa.us
In reply to: PostgreSQL Bugs List (#1)
Re: pg_dump fails to dump database

pgsql-bugs@postgresql.org writes:

pg_dump in postgreSQL 7.0.3 fails to dump database. Problem is
becomeUser procedure in which lastusername stores pointer to name of
username which is currently connected. becomeUser is called for the
first time in dumpSchema, which allocated memory, calls becomeUser and
then frees memory. Then becomeUser is called again during dumping of
table data, but lastusername points to deallocated memory, so it
receives SIGSEGV (in strcmp).

Hm. This is clearly erroneous code, but the odds of a coredump seem
*extremely* remote --- as borne out by the fact that this bug has been
in there for a good long while, and hasn't been noticed before.
strcmp as such isn't going to care whether the string it's pointed
at has been freed and/or overwritten. It could only coredump if it
scanned past the end of physically allocated memory before hitting a
null, and that seems pretty unlikely, especially given that the other
input string is likely to be short. What sort of platform are you
running on?

Philip, I see that becomeUser is toast in current sources, but it
seems like _reconnectAsUser might still have the same logic flaw;
wouldn't it be a good idea to make it strdup the value it saves in
currUser?

regards, tom lane

← Back to Topics