Fix out-of-bound read in gtsvector_picksplit()

This could lead to an imprecise choice when splitting an index page of a
GiST index on a tsvector, deciding which entries should remain on the
old page and which entries should move to a new page.

This is wrong since tsearch2 has been moved into core with commit
140d4ebcb46e, so backpatch all the way down.  This error has been
spotted by valgrind.

Author: Alexander Lakhin
Discussion: https://postgr.es/m/17950-6c80a8d2b94ec695@postgresql.org
Backpatch-through: 11

diff --git a/src/backend/utils/adt/tsgistidx.c b/src/backend/utils/adt/tsgistidx.c
index f0cd2866ff5a84bc376561688cfa260c93389f27..12a4111e99a0903ae0490baa85a055da3dd1775a 100644 (file)
--- a/src/backend/utils/adt/tsgistidx.c
+++ b/src/backend/utils/adt/tsgistidx.c
@@ -730,7 +730,7 @@ gtsvector_picksplit(PG_FUNCTION_ARGS)
                                size_alpha = SIGLENBIT(siglen) -
                                        sizebitvec((cache[j].allistrue) ?
                                                           GETSIGN(datum_l) :
-                                                          GETSIGN(cache[j].sign),
+                                                          cache[j].sign,
                                                           siglen);
                }
                else
@@ -744,7 +744,7 @@ gtsvector_picksplit(PG_FUNCTION_ARGS)
                                size_beta = SIGLENBIT(siglen) -
                                        sizebitvec((cache[j].allistrue) ?
                                                           GETSIGN(datum_r) :
-                                                          GETSIGN(cache[j].sign),
+                                                          cache[j].sign,
                                                           siglen);
                }
                else