Buffer overruns with the Electric fence debugging library

Started by Maurice Gittens almost 28 years ago, 8 messages
#1 Maurice Gittens
mgittens@gits.nl

Hi everybody,

The electricfence library is a tool which helps us to detect
buffer overruns in C programs.

Linking Postgresql with this library gives at least 3 errors I have found
until now.

The errors manifest themselves in sql statements like:
1. create table test(f1 int);
This one always fails.
2. select * from pg_shadow
Only some tables give errors so the problem seems to be related
to the type/alignment of fields in the tables.

The errors are all found in the DataFill function called from
heap_from_tuple.

I'm using a snapshot version of postgresql downloaded around
the release date 6.3.

This all is on Linux (Redhat 4.0) with Electric Fence version 2.0.5.

Do you guys feel comfortable with a database which has reproducible
buffer overruns?

I think it would be great if somebody who has more experience with
postgresql than I were to look at this.

I am now going to do some work which I actually get paid to do!

With regards from Maurice.

#2 Noname
darrenk@insightdist.com
In reply to: Maurice Gittens (#1)
Re: [HACKERS] Buffer overruns with the Electric fence debugging library

> The errors are all found in the DataFill function called from
> heap_from_tuple.

Where specifically in DataFill?

> Do you guys feel comfortable with a database which has reproducible
> buffer overruns?
>
> I think it would be great if somebody who has more experience with
> postgresql than I were to look at this.

This might be by design. Check out include/access/htup.h and look at
how the tuple is defined. Basically, there is a struct with the
necessary header fields that is used to cast an area of memory that
has been [p]alloc'd. See heap_addheader as an example...

Note that this technique has been declared as "Bad" by the C standards
committee, but it works and there are other things more broken.

darrenk
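
How a guard-page allocator of the kind Electric Fence implements catches an overrun in a block that has a header struct cast over it, and how alignment padding can hide a small overrun (Electric Fence exposes this as its EF_ALIGNMENT setting). This is an added example, not code from the thread, PostgreSQL or Electric Fence; `demo_header`, `guard_alloc`, `write_faults` and `fill_faults` are hypothetical names, the header is a simplified stand-in for the one in htup.h, and Linux `mmap`/`mprotect` is assumed.

```c
#define _GNU_SOURCE 1
#include <setjmp.h>
#include <signal.h>
#include <stdint.h>
#include <sys/mman.h>
#include <unistd.h>

/* Hypothetical header standing in for the tuple header struct in htup.h. */
typedef struct { uint8_t natts; uint8_t hoff; } demo_header;
static sigjmp_buf fault_jmp;
static void on_fault(int sig) { (void)sig; siglongjmp(fault_jmp, 1); }

/* Allocate `size` bytes, rounded up to `align`, ending at a PROT_NONE page. */
static unsigned char *guard_alloc(size_t size, size_t align)
{
    size_t page = (size_t)sysconf(_SC_PAGESIZE);
    size_t padded = (size + align - 1) / align * align;
    size_t span = (padded + page - 1) / page * page;
    unsigned char *base = mmap(NULL, span + page, PROT_READ | PROT_WRITE,
                               MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (base == MAP_FAILED || mprotect(base + span, page, PROT_NONE) != 0)
        return NULL;
    return base + span - padded;   /* demo only: the mapping is never freed */
}

/* Store one byte at p; return 1 if the store landed on the guard page. */
static int write_faults(volatile unsigned char *p)
{
    struct sigaction sa = { .sa_handler = on_fault }, old;
    volatile int faulted = 1;
    sigaction(SIGSEGV, &sa, &old);
    if (sigsetjmp(fault_jmp, 1) == 0) { *p = 0xAA; faulted = 0; }
    sigaction(SIGSEGV, &old, NULL);
    return faulted;
}

/* Cast the header over the block, fill `len` data bytes; 1 = overrun caught. */
static int fill_faults(size_t alloc_size, size_t len, size_t align)
{
    unsigned char *mem = guard_alloc(alloc_size, align);
    if (mem == NULL) return -1;
    demo_header *hdr = (demo_header *)mem;
    hdr->natts = 1; hdr->hoff = sizeof *hdr;
    for (size_t i = 0; i < len; i++)
        if (write_faults(mem + hdr->hoff + i)) return 1;
    return 0;
}

int main(void) { return fill_faults(5, 4, 1) == 1 ? 0 : 1; } /* 0 = caught */
```

With a 5-byte block (2-byte header plus 3 data bytes), a one-byte overrun is caught at alignment 1 but lands in padding at alignment 4, which is one reason only some field layouts trip the detector.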

#3 Bruce Momjian
maillist@candle.pha.pa.us
In reply to: Maurice Gittens (#1)
Re: [HACKERS] Buffer overruns with the Electric fence debugging library

> Hi everybody,
>
> The electricfence library is a tool which helps us to detect
> buffer overruns in C programs.
>
> Linking Postgresql with this library gives at least 3 errors I have found
> until now.
>
> The errors manifest themselves in sql statements like:
> 1. create table test(f1 int);
> This one always fails.
> 2. select * from pg_shadow
> Only some tables give errors so the problem seems to be related
> to the type/alignment of fields in the tables.
>
> The errors are all found in the DataFill function called from
> heap_from_tuple.
>
> I'm using a snapshot version of postgresql downloaded around
> the release date 6.3.
>
> This all is on Linux (Redhat 4.0) with Electric Fence version 2.0.5.
>
> Do you guys feel comfortable with a database which has reproducible
> buffer overruns?
>
> I think it would be great if somebody who has more experience with
> postgresql than I were to look at this.
>
> I am now going to do some work which I actually get paid to do!
>
> With regards from Maurice.

Can you send us the lines that cause the problem? I will look at them.
I have electric fence here on BSDI, but it really takes some time to
run.

-- 
Bruce Momjian                          |  830 Blythe Avenue
maillist@candle.pha.pa.us              |  Drexel Hill, Pennsylvania 19026
  +  If your life is a hard drive,     |  (610) 353-9879(w)
  +  Christ can be your backup.        |  (610) 853-3000(h)

#4 The Hermit Hacker
scrappy@hub.org
In reply to: Maurice Gittens (#1)
Re: [HACKERS] Buffer overruns with the Electric fence debugging library

On Wed, 18 Mar 1998, Maurice Gittens wrote:

> Do you guys feel comfortable with a database which has reproducible
> buffer overruns?

Nope, but only a very few ppl appear to have the software to
detect them, and with the size of the code base for this, we sort of rely
on those with those tools to help out...

Efforts you can provide in this area would be much appreciated,
even if only insofar as providing points to sections of code that should
be checked...

Marc G. Fournier
Systems Administrator @ hub.org
primary: scrappy@hub.org secondary: scrappy@{freebsd|postgresql}.org

#5 Noname
dg@illustra.com
In reply to: The Hermit Hacker (#4)
Re: [HACKERS] Buffer overruns with the Electric fence debugging library

Marc G. Fournier writes:

> On Wed, 18 Mar 1998, Maurice Gittens wrote:
>
> > Do you guys feel comfortable with a database which has reproducible
> > buffer overruns?
>
> Nope, but only a very few ppl appear to have the software to
> detect them, and with the size of the code base for this, we sort of rely
> on those with those tools to help out...
>
> Efforts you can provide in this area would be much appreciated,
> even if only insofar as providing points to sections of code that should
> be checked...

I agree with Marc's comments here, but would like to add that ElectricFence is
freely available at least on Linux systems. It is a long way from Purify,
but it beats sitting around scratching your head.

-dg

David Gould dg@illustra.com 510.628.3783 or 510.305.9468
Informix Software (No, really) 300 Lakeside Drive Oakland, CA 94612
- I realize now that irony has no place in business communications.

#6 The Hermit Hacker
scrappy@hub.org
In reply to: Noname (#5)
Re: [HACKERS] Buffer overruns with the Electric fence debugging library

On Wed, 18 Mar 1998, David Gould wrote:

> I agree with Marc's comments here, but would like to add that ElectricFence is
> freely available at least on Linux systems. It is a long way from Purify,
> but it beats sitting around scratching your head.

URL for the software? I'd like to see if they at least have a
FreeBSD port that I can use :)

Marc G. Fournier
Systems Administrator @ hub.org
primary: scrappy@hub.org secondary: scrappy@{freebsd|postgresql}.org

#7 Noname
dg@illustra.com
In reply to: The Hermit Hacker (#6)
Re: [HACKERS] Buffer overruns with the Electric fence debugging library

> On Wed, 18 Mar 1998, David Gould wrote:
>
> > I agree with Marc's comments here, but would like to add that ElectricFence is
> > freely available at least on Linux systems. It is a long way from Purify,
> > but it beats sitting around scratching your head.
>
> URL for the software? I'd like to see if they at least have a
> FreeBSD port that I can use :)

I just got it off the CD myself, but ftp.redhat.com has it in the
redhat 5.0 distribution area. Look in the SRPMS for:

ElectricFence-2.0.5-5.src.rpm

Or, if you don't have rpm, AltaVista turned up some bsd entries too.

-dg

David Gould dg@illustra.com 510.628.3783 or 510.305.9468
Informix Software (No, really) 300 Lakeside Drive Oakland, CA 94612
- I realize now that irony has no place in business communications.

#8 Noname
dg@illustra.com
In reply to: Noname (#7)
Re: [HACKERS] Buffer overruns with the Electric fence debugging library

> On Wed, 18 Mar 1998, David Gould wrote:
>
> > I agree with Marc's comments here, but would like to add that ElectricFence is
> > freely available at least on Linux systems. It is a long way from Purify,
> > but it beats sitting around scratching your head.
>
> URL for the software? I'd like to see if they at least have a
> FreeBSD port that I can use :)

I just got it off the CD myself, but ftp.redhat.com has it in the
redhat 5.0 distribution area. Look in the SRPMS for:

ElectricFence-2.0.5-5.src.rpm

Or, if you don't have rpm, AltaVista turned up some bsd entries too.

-dg

David Gould dg@illustra.com 510.628.3783 or 510.305.9468
Informix Software (No, really) 300 Lakeside Drive Oakland, CA 94612
- I realize now that irony has no place in business communications.