Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Commit a956bd3

Browse filesBrowse files
michaelpqmichaelpq
committed
Avoid memory size overflow when allocating backend activity buffer
The code in charge of copying the contents of PgBackendStatus to local memory could fail on memory allocation because of an overflow on the amount of memory to use. The overflow can happen when combining a high value track_activity_query_size (max at 1MB) with a large max_connections, when both multiplied get higher than INT32_MAX as both parameters treated as signed integers. This could for example trigger with the following functions, all calling pgstat_read_current_status(): - pg_stat_get_backend_subxact() - pg_stat_get_backend_idset() - pg_stat_get_progress_info() - pg_stat_get_activity() - pg_stat_get_db_numbackends() The change to use MemoryContextAllocHuge() has been introduced in 8d0ddcc, so backpatch down to 12. Author: Jakub Wartak Discussion: https://postgr.es/m/CAKZiRmw8QSNVw2qNK-dznsatQqz+9DkCquxP0GHbbv1jMkGHMA@mail.gmail.com Backpatch-through: 12
1 parent aea599c commit a956bd3
Copy full SHA for a956bd3

File tree

Expand file treeCollapse file tree

1 file changed

+2
-1
lines changed
Filter options
Expand file treeCollapse file tree

1 file changed

+2
-1
lines changed

‎src/backend/utils/activity/backend_status.c

Copy file name to clipboardExpand all lines: src/backend/utils/activity/backend_status.c
+2-1Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -765,7 +765,8 @@ pgstat_read_current_status(void)
765765
NAMEDATALEN * NumBackendStatSlots);
766766
localactivity = (char *)
767767
MemoryContextAllocHuge(backendStatusSnapContext,
768-
pgstat_track_activity_query_size * NumBackendStatSlots);
768+
(Size) pgstat_track_activity_query_size *
769+
(Size) NumBackendStatSlots);
769770
#ifdef USE_SSL
770771
localsslstatus = (PgBackendSSLStatus *)
771772
MemoryContextAlloc(backendStatusSnapContext,

0 commit comments

Comments
0 (0)
Morty Proxy This is a proxified and sanitized view of the page, visit original site.