From 982b9b1eba8d809cd677009d15ca045cea890c69 Mon Sep 17 00:00:00 2001 From: Tom Lane Date: Mon, 2 Jan 2023 16:17:00 -0500 Subject: [PATCH] Avoid reference to nonexistent array element in ExecInitAgg(). When considering an empty grouping set, we fetched phasedata->eqfunctions[-1]. Because the eqfunctions array is palloc'd, that would always be an aset pointer in released versions, and thus the code accidentally failed to malfunction (since it would do nothing unless it found a null pointer). Nonetheless this seems like trouble waiting to happen, so add a check for length == 0. It's depressing that our valgrind testing did not catch this. Maybe we should reconsider the choice to not mark that word NOACCESS? Richard Guo Discussion: https://postgr.es/m/CAMbWs4-vZuuPOZsKOYnSAaPYGKhmacxhki+vpOKk0O7rymccXQ@mail.gmail.com --- src/backend/executor/nodeAgg.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/src/backend/executor/nodeAgg.c b/src/backend/executor/nodeAgg.c index f2bb5502b21..9175f35c6b6 100644 --- a/src/backend/executor/nodeAgg.c +++ b/src/backend/executor/nodeAgg.c @@ -2377,6 +2377,11 @@ ExecInitAgg(Agg *node, EState *estate, int eflags) { int length = phasedata->gset_lengths[i]; + /* nothing to do for empty grouping set */ + if (length == 0) + continue; + + /* if we already had one of this length, it'll do */ if (phasedata->eqfunctions[length - 1] != NULL) continue; -- 2.39.5
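Review bot: The comment on the new `length == 0` check in ExecInitAgg() says only "nothing to do for empty grouping set". It does not record that the check is also what keeps the `phasedata->eqfunctions[length - 1]` test right after it from reading element -1. The commit message says the old read failed to malfunction only by accident and that valgrind did not catch it, so the memory-safety reason is worth stating in the code, for example `/* nothing to do for empty grouping set; also avoids reading eqfunctions[-1] */`, so the guard is not dropped in a later cleanup. The check also covers only zero: if `gset_lengths[i]` is never expected to be negative, an `Assert(length >= 0)` ahead of it would document that assumption.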