ecpg: fix more minor mishandling of bad input in preprocessor.
author Tom Lane <tgl@sss.pgh.pa.us>
Thu, 17 Oct 2024 19:28:32 +0000 (15:28 -0400)
committer Tom Lane <tgl@sss.pgh.pa.us>
Thu, 17 Oct 2024 19:28:32 +0000 (15:28 -0400)
Don't get confused by an unmatched right brace in the input.
(Previously, this led to discarding information about file-level
variables and then possibly crashing.)

Detect, rather than crash on, an attempt to index into a non-array
variable.

As before, in the absence of field complaints I'm not too
excited about back-patching these.

Per valgrind testing by Alexander Lakhin.

Discussion: https://postgr.es/m/a239aec2-6c79-5fc9-9272-cea41158a360@gmail.com

src/interfaces/ecpg/preproc/ecpg.trailer
src/interfaces/ecpg/preproc/variable.c

index e466668ea2446990b961e7bea4c75bf75404009f..424903f76e092e8cbbf1929e00d3cd6c63e95f34 100644 (file)
@@ -43,12 +43,15 @@ statement: ecpgstart at toplevel_stmt ';'
        }
        | '}'
        {
-               remove_typedefs(braces_open);
-               remove_variables(braces_open--);
-               if (braces_open == 0)
+               if (braces_open > 0)
                {
-                       free(current_function);
-                       current_function = NULL;
+                       remove_typedefs(braces_open);
+                       remove_variables(braces_open);
+                       if (--braces_open == 0)
+                       {
+                               free(current_function);
+                               current_function = NULL;
+                       }
                }
                fputs("}", base_yyout);
        }
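
Review bot: when `braces_open` is already 0, the new `if (braces_open > 0)` guard in the `'}'` action skips the cleanup, but `fputs("}", base_yyout);` still writes the stray brace with no diagnostic and no comment saying that this is intended. Please add a short comment above the guard stating that an unmatched right brace is deliberately passed through to the output (leaving the C compiler to reject it), or report it here so the user gets the error against the preprocessor input rather than the generated file. A regression test input containing a lone `}` at file level would also pin down the behaviour the commit message describes.
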
index a4294b8f0ff94bef5c2d86f68aa8f2a7dbc30fe2..ac80d2c020997aa7dfee3a85b68924e88d3133e5 100644 (file)
@@ -233,7 +233,8 @@ find_variable(const char *name)
                                p = find_simple(name);
                                if (p == NULL)
                                        mmfatal(PARSE_ERROR, "variable \"%s\" is not declared", name);
-
+                               if (p->type->type != ECPGt_array)
+                                       mmfatal(PARSE_ERROR, "variable \"%s\" is not a pointer", name);
                                *next = c;
                                switch (p->type->u.element->type)
                                {
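
Review bot: the new check in `find_variable` tests `p->type->type != ECPGt_array`, but the message it raises says `variable "%s" is not a pointer`, which does not match the condition or the commit message's "index into a non-array variable". If the wording is reused on purpose (for instance to avoid adding a new message string), a one-line comment saying so would help; otherwise "is not an array" would describe the failure more accurately. The placement is right, since the check must precede the `p->type->u.element->type` dereference in the `switch` that follows, and a comment noting that dependency would keep a later edit from reordering the two.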