On Sat, Oct 26, 2019 at 07:46:25AM +0000, PG Bug reporting form wrote:
>The following bug has been logged on the website:
>
>Bug reference: 16082
>Logged by: cili
>Email address: cilizili@protonmail.com
>PostgreSQL version: 12.0
>Operating system: Microsoft Windows [Version 10.0.18362.418]
>Description:
>
>The function pglz_decompress in src/common/pglz_decompress.c may refer
>invalid data in the corrupted database file.
>I show you two bad cases along with corrupted database file, and how to
>make.
>
>The first byte of TOAST structure is a control byte. If the LSB of control
>byte is set, the 2nd byte is the length and the 3rd byte is an offset of
>repeating bytes in dest block.
>There is two case that they are valid for invalid data. In the case 1, it
>reads an uninitialized data in the dest. In the case 2, it reads
>uninitialized or out-of-bound data in the dest. They are invalid.
>I'll show you the setup and one normal case, and then show two bad bug
>cases.
>
Well, failure like this after reading corrupted data from disk is not
really surprising and it's hardly a bug. It's kinda intended to work
that way, really.
Essentially, if something outside PostgreSQL corrupted the data file,
then all bets are off. We have a protection against that in the form of
data checksums, in which case we'd (very probably) identify that while
reading the page from disk.
If the page was corrupted by PostgreSQL itself, we might not notice
that, but then the thing that corrupted the data file is the bug, not
that pglz_decompress fails. But AFAICS you have not demonstrated any
such data corruption issue, you assume the data file is corrupted by
something outside PostgreSQL (i.e. the first case).
regards
--
Tomas Vondra http://www.2ndQuadrant.com
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services