Avoid double-free in vacuumlo error path.

The code would do "PQclear(res)" twice if lo_unlink failed, evidently
due to careless thinking about how far out a "break" would break.
Remove the extra PQclear and adjust the loop logic so that we'll fall
out of both levels of loop after an error, as was clearly the intent.

Spotted by Coverity.  I have no idea why it took this long to notice,
since the bug has been there since commit 67ccbb080.  Accordingly,
back-patch to all supported branches.

diff --git a/contrib/vacuumlo/vacuumlo.c b/contrib/vacuumlo/vacuumlo.c
index 7eb474ca3e41998b77167592dabeb852e07014af..8dbcaad797a9eb936c2a2be916425ea9d1ff6045 100644 (file)
--- a/contrib/vacuumlo/vacuumlo.c
+++ b/contrib/vacuumlo/vacuumlo.c
@@ -316,7 +316,7 @@ vacuumlo(const char *database, const struct _param *param)
 
        deleted = 0;
 
-       while (1)
+       do
        {
                res = PQexec(conn, buf);
                if (PQresultStatus(res) != PGRES_TUPLES_OK)
@@ -354,8 +354,7 @@ vacuumlo(const char *database, const struct _param *param)
                                        if (PQtransactionStatus(conn) == PQTRANS_INERROR)
                                        {
                                                success = false;
-                                               PQclear(res);
-                                               break;
+                                               break;  /* out of inner for-loop */
                                        }
                                }
                                else
@@ -393,7 +392,7 @@ vacuumlo(const char *database, const struct _param *param)
                }
 
                PQclear(res);
-       }
+       } while (success);
 
        /*
         * That's all folks!