Re: BUG #16837: Invalid memory access on \h in psql

Kyotaro Horiguchi <horikyota.ntt@gmail.com> writes:
> At Tue, 26 Jan 2021 07:00:00 +0000, PG Bug reporting form <noreply@postgresql.org> wrote in
>> When executing in psql (under valgrind):
>> \h\
>> valgrind detects the following error:
>> ==00:00:00:00.000 3226182==
>> ==00:00:00:04.045 3226182== Conditional jump or move depends on
>> uninitialised value(s)

> This is reproducible on master HEAD. helpSQL assumes that the first
> word is longer than two characters and the second word exists. It also
> doesn't care overruns. Addition to those issues, it miscounts the
> length of the first two words if the third word exists.

Weirdly, valgrind isn't whining about this for me.  But I agree that
that loop is unsafe.  There are other problems too I think: neither
the initialization of "output" nor the calculation of nl_count seem
to be done sanely.  This function really needs thoroughgoing review :-(

            regards, tom lane