From a4a5d40190ff2dfe2299d7b361a88db0dd5a4c82 Mon Sep 17 00:00:00 2001 From: Tom Lane Date: Thu, 3 Nov 2011 19:18:04 -0400 Subject: [PATCH] Fix bogus code in contrib/ tsearch dictionary examples. Both dict_int and dict_xsyn were blithely assuming that whatever memory palloc gives back will be pre-zeroed. This would typically work for just about long enough to run their regression tests, and no longer :-(. The pre-9.0 code in dict_xsyn was even lamer than that, as it would happily give back a pointer to the result of palloc(0), encouraging its caller to access off the end of memory. Again, this would just barely fail to fail as long as memory contained nothing but zeroes. Per a report from Rodrigo Hjort that code based on these examples didn't work reliably. --- contrib/dict_int/dict_int.c | 2 +- contrib/dict_xsyn/dict_xsyn.c | 8 +++++--- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/contrib/dict_int/dict_int.c b/contrib/dict_int/dict_int.c index e555cdb8935..fcc154a9a40 100644 --- a/contrib/dict_int/dict_int.c +++ b/contrib/dict_int/dict_int.c @@ -73,7 +73,7 @@ dintdict_lexize(PG_FUNCTION_ARGS) DictInt *d = (DictInt *) PG_GETARG_POINTER(0); char *in = (char *) PG_GETARG_POINTER(1); char *txt = pnstrdup(in, PG_GETARG_INT32(2)); - TSLexeme *res = palloc(sizeof(TSLexeme) * 2); + TSLexeme *res = palloc0(sizeof(TSLexeme) * 2); res[1].lexeme = NULL; if (PG_GETARG_INT32(2) > d->maxlen) diff --git a/contrib/dict_xsyn/dict_xsyn.c b/contrib/dict_xsyn/dict_xsyn.c index 511ef271e3e..1aa5e9540b1 100644 --- a/contrib/dict_xsyn/dict_xsyn.c +++ b/contrib/dict_xsyn/dict_xsyn.c @@ -200,7 +200,7 @@ dxsyn_lexize(PG_FUNCTION_ARGS) int nsyns = 0; bool is_first = true; - res = palloc(0); + res = palloc(sizeof(TSLexeme)); while (pos < value + value_length) { @@ -212,13 +212,13 @@ dxsyn_lexize(PG_FUNCTION_ARGS) *end = '\0'; res = repalloc(res, sizeof(TSLexeme) * (nsyns + 2)); - res[nsyns].lexeme = NULL; /* first word is added to result only if KEEPORIG flag is set */ if (d->keeporig || !is_first) { res[nsyns].lexeme = pstrdup(syn); - res[nsyns + 1].lexeme = NULL; + res[nsyns].nvariant = 0; + res[nsyns].flags = 0; nsyns++; } @@ -228,6 +228,8 @@ dxsyn_lexize(PG_FUNCTION_ARGS) pos = end + 1; } + res[nsyns].lexeme = NULL; + pfree(value); } -- 2.47.2