Fix latent crash in do_text_output_multiline().

tglsfdc · tglsfdc · commit a0cc89a28141 · 2016-05-23T14:16:41.000-04:00
do_text_output_multiline() would fail (typically with a null pointer
dereference crash) if its input string did not end with a newline.  Such
cases do not arise in our current sources; but it certainly could happen
in future, or in extension code's usage of the function, so we should fix
it.  To fix, replace "eol += len" with "eol = text + len".

While at it, make two cosmetic improvements: mark the input string const,
and rename the argument from "text" to "txt" to dodge pgindent strangeness
(since "text" is a typedef name).

Even though this problem is only latent at present, it seems like a good
idea to back-patch the fix, since it's a very simple/safe patch and it's
not out of the realm of possibility that we might in future back-patch
something that expects sane behavior from do_text_output_multiline().

Per report from Hao Lee.

Report: &lt;CAGoxFiFPAGyPAJLcFxTB5cGhTW2yOVBDYeqDugYwV4dEd1L_Ag@mail.gmail.com&gt;
diff --git a/src/backend/executor/execTuples.c b/src/backend/executor/execTuples.c
@@ -1285,33 +1285,32 @@ do_tup_output(TupOutputState *tstate, Datum *values, bool *isnull)
  * Should only be used with a single-TEXT-attribute tupdesc.
  */
 void
-do_text_output_multiline(TupOutputState *tstate, char *text)
+do_text_output_multiline(TupOutputState *tstate, const char *txt)
 {
 	Datum		values[1];
 	bool		isnull[1] = {false};
 
-	while (*text)
+	while (*txt)
 	{
-		char	   *eol;
+		const char *eol;
 		int			len;
 
-		eol = strchr(text, '\n');
+		eol = strchr(txt, '\n');
 		if (eol)
 		{
-			len = eol - text;
-
+			len = eol - txt;
 			eol++;
 		}
 		else
 		{
-			len = strlen(text);
-			eol += len;
+			len = strlen(txt);
+			eol = txt + len;
 		}
 
-		values[0] = PointerGetDatum(cstring_to_text_with_len(text, len));
+		values[0] = PointerGetDatum(cstring_to_text_with_len(txt, len));
 		do_tup_output(tstate, values, isnull);
 		pfree(DatumGetPointer(values[0]));
-		text = eol;
+		txt = eol;
 	}
 }
 
diff --git a/src/include/executor/executor.h b/src/include/executor/executor.h
@@ -278,7 +278,7 @@ typedef struct TupOutputState
 extern TupOutputState *begin_tup_output_tupdesc(DestReceiver *dest,
 						 TupleDesc tupdesc);
 extern void do_tup_output(TupOutputState *tstate, Datum *values, bool *isnull);
-extern void do_text_output_multiline(TupOutputState *tstate, char *text);
+extern void do_text_output_multiline(TupOutputState *tstate, const char *txt);
 extern void end_tup_output(TupOutputState *tstate);
 
 /*

Original file line number	Diff line number	Diff line change
`@@ -1285,33 +1285,32 @@ do_tup_output(TupOutputState tstate, Datum values, bool *isnull)`
`1285`	`1285`	`* Should only be used with a single-TEXT-attribute tupdesc.`
`1286`	`1286`	`*/`
`1287`	`1287`	`void`
`1288`		`-do_text_output_multiline(TupOutputState tstate, char text)`
	`1288`	`+do_text_output_multiline(TupOutputState tstate, const char txt)`
`1289`	`1289`	`{`
`1290`	`1290`	`Datum values[1];`
`1291`	`1291`	`bool isnull[1] = {false};`
`1292`	`1292`
`1293`		`- while (*text)`
	`1293`	`+ while (*txt)`
`1294`	`1294`	`{`
`1295`		`- char *eol;`
	`1295`	`+ const char *eol;`
`1296`	`1296`	`int len;`
`1297`	`1297`
`1298`		`- eol = strchr(text, '\n');`
	`1298`	`+ eol = strchr(txt, '\n');`
`1299`	`1299`	`if (eol)`
`1300`	`1300`	`{`
`1301`		`- len = eol - text;`
`1302`		`-`
	`1301`	`+ len = eol - txt;`
`1303`	`1302`	`eol++;`
`1304`	`1303`	`}`
`1305`	`1304`	`else`
`1306`	`1305`	`{`
`1307`		`- len = strlen(text);`
`1308`		`- eol += len;`
	`1306`	`+ len = strlen(txt);`
	`1307`	`+ eol = txt + len;`
`1309`	`1308`	`}`
`1310`	`1309`
`1311`		`- values[0] = PointerGetDatum(cstring_to_text_with_len(text, len));`
	`1310`	`+ values[0] = PointerGetDatum(cstring_to_text_with_len(txt, len));`
`1312`	`1311`	`do_tup_output(tstate, values, isnull);`
`1313`	`1312`	`pfree(DatumGetPointer(values[0]));`
`1314`		`- text = eol;`
	`1313`	`+ txt = eol;`
`1315`	`1314`	`}`
`1316`	`1315`	`}`
`1317`	`1316`