git.ipfire.org Git - thirdparty/postgresql.git/commitdiff
waldump: fix use-after-free in search_directory().
author Andres Freund <andres@anarazel.de>
Wed, 23 Mar 2022 23:38:43 +0000 (16:38 -0700)
committer Andres Freund <andres@anarazel.de>
Mon, 28 Mar 2022 01:15:15 +0000 (18:15 -0700)
After closedir() dirent->d_name is not valid anymore. As there already are a
few places relying on the limited lifetime of pg_waldump, do so here as well,
and just pg_strdup() the string.

The bug was introduced in fc49e24fa69a.

Found by UBSan, run locally.

Backpatch: 11-, like fc49e24fa69 itself.

src/bin/pg_waldump/pg_waldump.c

index b1e5f4610455c70182d6adedb772213389e21e76..5d7f52583b87a4eabc05af569c85d73fefc8c1c3 100644 (file)
@@ -180,7 +180,7 @@ search_directory(const char *directory, const char *fname)
                        if (IsXLogFileName(xlde->d_name))
                        {
                                fd = open_file_in_directory(directory, xlde->d_name);
-                               fname = xlde->d_name;
+                               fname = pg_strdup(xlde->d_name);
                                break;
                        }
                }
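Review bot: at `fname = pg_strdup(xlde->d_name);` the `const char *fname` parameter starts to hold either the caller's string or a heap copy that is never freed, and nothing in the code records that distinction. The commit message says the leak is deliberate given pg_waldump's limited lifetime, but that reasoning lives only in the log. A short comment at the assignment, saying that d_name is not valid after closedir() and that the copy is intentionally not freed, would keep a later cleanup from freeing the caller-owned pointer on the other path or from reverting to the dangling d_name reference.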