diff options
| author | Michael Paquier <michael@paquier.xyz> | 2025-07-01 15:48:32 +0900 | 
|---|---|---|
| committer | Michael Paquier <michael@paquier.xyz> | 2025-07-01 15:48:32 +0900 | 
| commit | 732061150b004385810e522f8629f5bf91d977b7 (patch) | |
| tree | 4280b139fb9d36c50d17fb3bee55fe1e6040728d /src/include/executor/nodeFunctionscan.h | |
| parent | c67989789cec3953effca4e01dff834abff9116a (diff) | |
xml2: Improve error handling of libxml2 calls
The contrib module xml2/ has always been fuzzy with the cleanup of the
memory allocated by the calls internal to libxml2, even if there are
APIs in place giving a lot of control over the error behavior, all
located in the backend's xml.c.
The code paths fixed in the commit address multiple defects, while
sanitizing the code:
- In xpath.c, several allocations are done by libxml2 for
xpath_workspace, whose memory cleanup could go out of sight as it relied
on a single TRY/CATCH block done in pgxml_xpath().  workspace->res is
allocated by libxml2, and may finish by not being freed at all upon a
failure outside of a TRY area.  This code is refactored so as the
TRY/CATCH block of pgxml_xpath() is moved one level higher to its
callers, which are responsible for cleaning up the contents of a
workspace on failure.  cleanup_workspace() now requires a volatile
workspace, forcing as a rule that a TRY/CATCH block should be used.
- Several calls, like xmlStrdup(), xmlXPathNewContext(),
xmlXPathCtxtCompile(), etc. can return NULL on failures (for most of
them allocation failures.  These forgot to check for failures, or missed
that pg_xml_error_occurred() should be called, to check if an error is
already on the stack.
- Some memory allocated by libxml2 calls was freed in an incorrect way,
"resstr" in xslt_process() being one example.
The class of errors fixed here are for problems that are unlikely going
to happen in practice, so no backpatch is done.  The changes have
finished by being rather invasive, so it is perhaps not a bad thing to
be conservative and to keep these changes only on HEAD anyway.
Author: Michael Paquier <michael@paquier.xyz>
Reported-by: Karavaev Alexey <maralist86@mail.ru>
Reviewed-by: Jim Jones <jim.jones@uni-muenster.de>
Reviewed-by: Tom Lane <tgl@sss.pgh.pa.us>
Discussion: https://postgr.es/m/18943-2f2a04ab03904598@postgresql.org
Diffstat (limited to 'src/include/executor/nodeFunctionscan.h')
0 files changed, 0 insertions, 0 deletions
