git.ipfire.org Git - thirdparty/postgresql.git/commit

author	Tom Lane <tgl@sss.pgh.pa.us>
	Thu, 19 Mar 2026 18:25:26 +0000 (14:25 -0400)
committer	Tom Lane <tgl@sss.pgh.pa.us>
	Thu, 19 Mar 2026 18:25:26 +0000 (14:25 -0400)
commit	8b02c22bb43cb480f437704dc547ea77196b7e93
tree	69e72c2f68535bc2cff2c5c8220de5119f30612c	tree \| snapshot
parent	dd1398f1378799acc60c3ed85d82439b2ff69141	commit \| diff

Avoid leaking duplicated file descriptors in corner cases.

pg_dump's compression modules had variations on the theme of

fp = fdopen(dup(fd), mode);
if (fp == NULL)
    // fail, reporting errno

which is problematic for two reasons.  First, if dup() succeeds but
fdopen() fails, we'd leak the duplicated FD.  That's not important
at present since the program will just exit immediately after failure
anyway; but perhaps someday we'll try to continue, making the resource
leak potentially significant.  Second, if dup() fails then fdopen()
will overwrite the useful errno (perhaps EMFILE) with a misleading
value EBADF, making it difficult to understand what went wrong.
Fix both issues by testing for dup() failure before proceeding to
the next call.

These failures are sufficiently unlikely, and the consequences minor
enough, that this doesn't seem worth the effort to back-patch.
But let's fix it in HEAD.

Author: Jianghua Yang <yjhjstz@gmail.com>
Reviewed-by: Tom Lane <tgl@sss.pgh.pa.us>
Discussion: https://postgr.es/m/62bbe34d-2315-4b42-b768-56d901aa83e1@gmail.com

src/bin/pg_dump/compress_gzip.c		diff \| blob \| blame \| history
src/bin/pg_dump/compress_lz4.c		diff \| blob \| blame \| history
src/bin/pg_dump/compress_none.c		diff \| blob \| blame \| history
src/bin/pg_dump/compress_zstd.c		diff \| blob \| blame \| history