Coverity complained that applying get_gz_error after a failed gzclose,
as we did in one place in pg_basebackup, is unsafe. I think it's
right: it's entirely likely that the call is touching freed memory.
Change that to inspect errno, as we do for other gzclose calls.
Also, be careful to initialize errno to zero immediately before any
gzclose() call where we care about the error status. (There are
some calls where we don't, because we already failed at some previous
step.) This ensures that we don't get a misleadingly irrelevant
error code if gzclose() fails in a way that doesn't set errno.
We could work harder at that, but it looks to me like all such cases
are basically can't-happen if we're not misusing zlib, so it's
not worth the extra notational cruft that would be required.
Also, fix several places that simply failed to check for close-time
errors at all, mostly at some remove from the close or gzclose itself;
and one place that did check but didn't bother to report the errno.
Back-patch to v12. These mistakes are older than that, but between
the frontend logging API changes that happened in v12 and the fact
that frontend code can't rely on %m before that, the patch would need
substantial revision to work in older branches. It doesn't quite
seem worth the trouble given the lack of related field complaints.
Patch by me; thanks to Michael Paquier for review.
Discussion: https://postgr.es/m/
1343113.
1636489231@sss.pgh.pa.us
#ifdef HAVE_LIBZ
if (ztarfile != NULL)
{
+ errno = 0; /* in case gzclose() doesn't set it */
if (gzclose(ztarfile) != 0)
{
- pg_log_error("could not close compressed file \"%s\": %s",
- filename, get_gz_error(ztarfile));
+ pg_log_error("could not close compressed file \"%s\": %m",
+ filename);
exit(1);
}
}
return false;
}
- stream->walmethod->close(f, CLOSE_NORMAL);
+ if (stream->walmethod->close(f, CLOSE_NORMAL) != 0)
+ {
+ pg_log_error("could not close archive status file \"%s\": %s",
+ tmppath, stream->walmethod->getlasterror());
+ return false;
+ }
return true;
}
#ifdef HAVE_LIBZ
if (dir_data->compression > 0)
+ {
+ errno = 0; /* in case gzclose() doesn't set it */
r = gzclose(df->gzfp);
+ }
else
#endif
r = close(df->fd);
AH->ClosePtr(AH);
/* Close the output */
+ errno = 0; /* in case gzclose() doesn't set it */
if (AH->gzOut)
res = GZCLOSE(AH->OF);
else if (AH->OF != stdout)
{
int res;
+ errno = 0; /* in case gzclose() doesn't set it */
if (AH->gzOut)
res = GZCLOSE(AH->OF);
else
lclContext *ctx = (lclContext *) AH->formatData;
/* Close the file */
- cfclose(ctx->dataFH);
+ if (cfclose(ctx->dataFH) != 0)
+ fatal("could not close data file: %m");
ctx->dataFH = NULL;
}
int len;
/* Close the BLOB data file itself */
- cfclose(ctx->dataFH);
+ if (cfclose(ctx->dataFH) != 0)
+ fatal("could not close blob data file: %m");
ctx->dataFH = NULL;
/* register the blob in blobs.toc */
{
lclContext *ctx = (lclContext *) AH->formatData;
- cfclose(ctx->blobsTocFH);
+ if (cfclose(ctx->blobsTocFH) != 0)
+ fatal("could not close blobs TOC file: %m");
ctx->blobsTocFH = NULL;
}
* Close the GZ file since we dup'd. This will flush the buffers.
*/
if (AH->compression != 0)
+ {
+ errno = 0; /* in case gzclose() doesn't set it */
if (GZCLOSE(th->zFH) != 0)
- fatal("could not close tar member");
+ fatal("could not close tar member: %m");
+ }
if (th->mode == 'w')
_tarAddFile(AH, th); /* This will close the temp file */
projects / thirdparty / postgresql.git / commitdiff
