Fix pool_push_pending_data().
authorTatsuo Ishii <ishii@postgresql.org>
Sat, 14 Sep 2024 13:41:30 +0000 (22:41 +0900)
committerTatsuo Ishii <ishii@postgresql.org>
Sat, 14 Sep 2024 13:41:30 +0000 (22:41 +0900)
Fix "insecure data handling".
Per Coverity (CID 1559731)

src/protocol/pool_process_query.c

index cdeaa0328f09a690fa63b0735e0c5acf766d01c8..a17475ea2ea99f5802fb5830b82d29663e72fadb 100644 (file)
@@ -5225,10 +5225,10 @@ pool_push_pending_data(POOL_CONNECTION * backend)
 
                len_save = len;
                len = ntohl(len);
+               len -= sizeof(len);
                buf = NULL;
-               if ((len - sizeof(len)) > 0)
+               if (len  > 0)
                {
-                       len -= sizeof(len);
                        buf = palloc(len);
                        pool_read(backend, buf, len);
                }