Participants
Noname
Noname
Michael Meskes
Michael Meskes
Attachments
Show all attachments
Thread Outline
#1NonameNoname
Jun 20, 2012
#2Michael MeskesMichael Meskesto Noname (#1)
Jun 20, 2012

BUG #6700: Potential Bug in numeric.c

Started by Nonamealmost 14 years ago2 messagesbugs
Jump to latest
#1Noname
Noname
msrbugzilla@gmail.com

The following bug has been logged on the website:

Bug reference: 6700
Logged by: Ken Cheung
Email address: msrbugzilla@gmail.com
PostgreSQL version: Unsupported/Unknown
Operating system: Linux
Description:

I observed a code clone in the following files. In the function
PGTYPESnumeric_copy, the variable dst is ensured to be not NULL before
passing to zero_var(). However, the function PGTYPESnumeric_from_decimal
does not perform this checking. It will cause an exception when dst is NULL
and passed to zero_var().

function : PGTYPESnumeric_copy @ (file:
"postgresql-9.2beta2/src/interfaces/ecpg/pgtypeslib/numeric.c", line:
1476)~1491
if (dst == NULL)
return -1;
zero_var(dst);

dst->weight = src->weight;
dst->rscale = src->rscale;
dst->dscale = src->dscale;
dst->sign = src->sign;

if (alloc_var(dst, src->ndigits) != 0)
return -1;

for (i = 0; i < src->ndigits; i++)
dst->digits[i] = src->digits[i];

return 0;

function : PGTYPESnumeric_from_decimal @ (file:
"postgresql-9.2beta2/src/interfaces/ecpg/pgtypeslib/numeric.c", line:
1650)~1663
zero_var(dst);

dst->weight = src->weight;
dst->rscale = src->rscale;
dst->dscale = src->dscale;
dst->sign = src->sign;

if (alloc_var(dst, src->ndigits) != 0)
return -1;

for (i = 0; i < src->ndigits; i++)
dst->digits[i] = src->digits[i];

return 0;

#2Michael Meskes
Michael Meskes
meskes@postgresql.org
In reply to: Noname (#1)
Re: BUG #6700: Potential Bug in numeric.c

On Wed, Jun 20, 2012 at 05:53:14AM +0000, msrbugzilla@gmail.com wrote:

I observed a code clone in the following files. In the function
PGTYPESnumeric_copy, the variable dst is ensured to be not NULL before
passing to zero_var(). However, the function PGTYPESnumeric_from_decimal
does not perform this checking. It will cause an exception when dst is NULL
and passed to zero_var().

To be honest most of the functions do not check if the parameters are indeed
set. Of course we could easily add the chekc for variable != NULL but that
doesn't ensure that variable points to a valid numeric datatype. Suggestions?

Michael
--
Michael Meskes
Michael at Fam-Meskes dot De, Michael at Meskes dot (De|Com|Net|Org)
Michael at BorussiaFan dot De, Meskes at (Debian|Postgresql) dot Org
Jabber: michael.meskes at googlemail dot com
VfL Borussia! Força Barça! Go SF 49ers! Use Debian GNU/Linux, PostgreSQL

← Back to Topics