Re: BUG #16176: NULL value returned by category_sql argument tocrosstab() causes segmentation fault
| От | Joe Conway |
|---|---|
| Тема | Re: BUG #16176: NULL value returned by category_sql argument tocrosstab() causes segmentation fault |
| Дата | |
| Msg-id | 8d8ef71e-a347-67be-696a-3bdd259ec9fb@joeconway.com обсуждение исходный текст |
| Ответ на | Re: BUG #16176: NULL value returned by category_sql argument to crosstab() causes segmentation fault (Tom Lane <tgl@sss.pgh.pa.us>) |
| Ответы |
Re: BUG #16176: NULL value returned by category_sql argument to crosstab() causes segmentation fault
|
| Список | pgsql-bugs |
On 12/20/19 1:00 PM, Tom Lane wrote:
> PG Bug reporting form <noreply@postgresql.org> writes:
>> -- this will crash pg12, but not version() < 12 - note NULL value in
>> categories query:
>> select * from crosstab ('values (1, 2, 12), (1, 3, 13), (2, 2, 22), (2,
>> 3, 23), (3, 2, 32), (3, 3, 33) order by 1, 2, 3', 'values (2), (null)') as
>> rr (a int, "2" int, "3" int);
>
> Yeah, duplicated here. It seems tablefunc is passing a NULL string
> pointer to sprintf(). Previously, that would work on some platforms
> and crash on others --- as of v12, it crashes everywhere.
>
> What we need here is to figure out what the hashtab string key ought
> to be for a NULL category. I suspect what was happening before
> (on non-crashing platforms) was that you implicitly got "(nil)"
> or some spelling like that, which is not great because it could
> conflict with a valid user key. Alternatively, we could refuse
> NULL category values ... not sure if that's desirable.
>
> Anyway, this is *not* a new bug, it's just possible to hit it on
> more platforms now.
It appears that in pg11 (and presumably prior) when snprintf() is called
it is resolved (here at least )to __GI___snprintf() which comes directly
from libc. On my desktop machine the system snprintf() deals with a null
pointer argument without crashing. I guess this is why the crash was
platform dependent.
In pg12 (and presumably master), it is resolved to our own port function
pg_snprintf(), which in turn works its way to dopr(), where strlen() is
called on a null pointer and "<boom>". Undoubtedly strlen() is a bit
more consistent than snprintf() across platforms in this regard.
From what I can see, even on pg11 and prior, having a null category
never did anything useful. And in the 16 years or so since this has been
around, no one in my memory ever asked for that functionality, so I am
inclined to refuse NULL category values unless someone wants to make a
good case otherwise.
Joe
--
Crunchy Data - http://crunchydata.com
PostgreSQL Support for Secure Enterprises
Consulting, Training, & Open Source Development
Вложения
В списке pgsql-bugs по дате отправления: