From: Tom Lane <tgl@sss.pgh.pa.us>
Date: Thu, 10 Oct 2024 20:17:38 +0000 (-0400)
Subject: Avoid possible segfault in psql's tab completion.
X-Git-Tag: REL_18_BETA1~1743
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=95eb4cd4ff0648afc32abbfaacc9718f6b91bf7b;p=thirdparty%2Fpostgresql.git

Avoid possible segfault in psql's tab completion.

Fix oversight in bd1276a3c: the "words_after_create" stanza in
psql_completion() requires previous_words_count > 0, since it uses
prev_wd.  This condition was formerly assured by the if-else chain
above it, but no more.  If there were no previous words then we'd
dereference an uninitialized pointer, possibly causing a segfault.

Report and patch by Anthonin Bonnefoy.

Discussion: https://postgr.es/m/CAO6_XqrSRE7c_i+D7Hm07K3+6S0jTAmMr60RY41XzaA29Ae5uA@mail.gmail.com
---

diff --git a/src/bin/psql/tab-complete.in.c b/src/bin/psql/tab-complete.in.c
index a9f4d205e14..1be0056af73 100644
--- a/src/bin/psql/tab-complete.in.c
+++ b/src/bin/psql/tab-complete.in.c
@@ -2024,7 +2024,7 @@ psql_completion(const char *text, int start, int end)
 	 * check if that was the previous word. If so, execute the query to get a
 	 * list of them.
 	 */
-	if (matches == NULL)
+	if (matches == NULL && previous_words_count > 0)
 	{
 		const pgsql_thing_t *wac;