Flavien GUEDEZ <flav.pg@oopacity.net> writes:
> After some investigations about very corrupted toast data in one
> postgres instance, I found that the pglz_decompress function (in
> common/pg_lzcompress.c) does not check correctly where it copies data
> from using memcpy(), which could result in segfault.
> In this function, there are other checks to ensure that we do not copy
> after the destination end, but not if we copy data from "before the
> beginning".
Hmm, would it not be better to add this check to the existing "Check for
corrupt data" a bit further up? Then you'd only need one instance of
the test, and only need to do it once per tag (note the comment pointing
out that dp - off stays the same), and overall it'd be less surprising IMO.
regards, tom lane