From 1de1e3d440464a54d8f6a89c59c1f5a8c3e5731b Mon Sep 17 00:00:00 2001
From: Tom Lane
Date: Sun, 15 Jul 2012 13:28:27 -0400
Subject: [PATCH] Prevent corner-case core dump in rfree(). rfree() failed to cope with the case that pg_regcomp() had initialized the regex_t struct but then failed to allocate any memory for re->re_guts (ie, the first malloc call in pg_regcomp() failed). It would try to touch the guts struct anyway, and thus dump core. This is a sufficiently narrow corner case that it's not surprising it's never been seen in the field; but still a bug is a bug, so patch all active branches. Noted while investigating whether we need to call pg_regfree after a failure return from pg_regcomp. Other than this bug, it turns out we don't, so adjust comments appropriately.
---
 src/backend/regex/regcomp.c | 24 +++++++++++++++---------
 src/backend/utils/adt/regexp.c | 3 +--
 2 files changed, 16 insertions(+), 11 deletions(-)
diff --git a/src/backend/regex/regcomp.c b/src/backend/regex/regcomp.c
index 3a7cb314f0..c3e7588c05 100644
--- a/src/backend/regex/regcomp.c
+++ b/src/backend/regex/regcomp.c
@@ -276,6 +276,9 @@ static struct fns functions = {
 /*
 * pg_regcomp - compile regular expression
+ *
+ * Note: on failure, no resources remain allocated, so pg_regfree()
+ * need not be applied to re.
 */
 int pg_regcomp(regex_t *re,
@@ -1836,15 +1839,18 @@ rfree(regex_t *re)
 g = (struct guts *) re->re_guts;
 re->re_guts = NULL;
 re->re_fns = NULL;
- g->magic = 0;
- freecm(&g->cmap);
- if (g->tree != NULL)
- freesubre((struct vars *) NULL, g->tree);
- if (g->lacons != NULL)
- freelacons(g->lacons, g->nlacons);
- if (!NULLCNFA(g->search))
- freecnfa(&g->search);
- FREE(g);
+ if (g != NULL)
+ {
+ g->magic = 0;
+ freecm(&g->cmap);
+ if (g->tree != NULL)
+ freesubre((struct vars *) NULL, g->tree);
+ if (g->lacons != NULL)
+ freelacons(g->lacons, g->nlacons);
+ if (!NULLCNFA(g->search))
+ freecnfa(&g->search);
+ FREE(g);
+ }
 }
 #ifdef REG_DEBUG
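Review bot: The note added to the pg_regcomp header says pg_regfree() "need not" be applied after a failure, but it does not say whether calling it anyway is harmless. rfree() in this same patch leaves `re->re_fns` set to NULL, so if pg_regfree() dispatches through re_fns (not visible in this diff), a caller that frees defensively after a failed compile would dereference a null pointer. Consider wording the contract as a prohibition, e.g. ` * Note: on failure, no resources remain allocated, and re must not be passed to pg_regfree().`, or confirm that pg_regfree() tolerates a regex_t left by a failed compile. The body of pg_regcomp is outside this hunk, so the guarantee could not be checked against each error return.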
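Review bot: The new `if (g != NULL)` guard in rfree() carries no comment, so the reason g can be NULL at this point is recorded only in the commit message. A one-line comment above it, such as `/* re_guts is still NULL if pg_regcomp's first allocation failed */`, would keep a later cleanup from dropping the check and reintroducing the crash on the out-of-memory path. A guard clause, `if (g == NULL) return;`, placed after the two field resets would behave the same without re-indenting the nine cleanup lines, which also keeps the back-patch to older branches smaller. rfree() starts above this hunk, so any earlier validation of re is not visible here.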
diff --git a/src/backend/utils/adt/regexp.c b/src/backend/utils/adt/regexp.c
index 8c77420a34..af63b0226c 100644
--- a/src/backend/utils/adt/regexp.c
+++ b/src/backend/utils/adt/regexp.c
@@ -186,9 +186,8 @@ RE_compile_and_cache(text *text_re, int cflags)
 if (regcomp_result != REG_OKAY) {
- /* re didn't compile */
+ /* re didn't compile (no need for pg_regfree, if so) */
 pg_regerror(regcomp_result, &re_temp.cre_re, errMsg, sizeof(errMsg));
- /* XXX should we pg_regfree here? */
 ereport(ERROR, (errcode(ERRCODE_INVALID_REGULAR_EXPRESSION), errmsg("invalid regular expression: %s", errMsg)));