diff options
| author | Michael Paquier <michael@paquier.xyz> | 2019-03-09 08:50:55 +0900 |
|---|---|---|
| committer | Michael Paquier <michael@paquier.xyz> | 2019-03-09 08:50:55 +0900 |
| commit | 82a5649fb9dbef12d04cd24799be6bf298d889a6 (patch) | |
| tree | 4f71ad9aef1734976cbef8f5dde9c20b27b98d4b /src/backend/storage/file/fd.c | |
| parent | 2e616dee9e601d36462dc4cc48eb0b6a1ff20051 (diff) | |
| download | postgresql-82a5649fb9dbef12d04cd24799be6bf298d889a6.tar.gz postgresql-82a5649fb9dbef12d04cd24799be6bf298d889a6.zip | |
Tighten use of OpenTransientFile and CloseTransientFile
This fixes two sets of issues related to the use of transient files in
the backend:
1) OpenTransientFile() has been used in some code paths with read-write
flags while read-only is sufficient, so switch those calls to be
read-only where necessary. These have been reported by Joe Conway.
2) When opening transient files, it is up to the caller to close the
file descriptors opened. In error code paths, CloseTransientFile() gets
called to clean up things before issuing an error. However in normal
exit paths, a lot of callers of CloseTransientFile() never actually
reported errors, which could leave a file descriptor open without
knowing about it. This is an issue I complained about a couple of
times, but never had the courage to write and submit a patch, so here we
go.
Note that one frontend code path is impacted by this commit so as an
error is issued when fetching control file data, making backend and
frontend to be treated consistently.
Reported-by: Joe Conway, Michael Paquier
Author: Michael Paquier
Reviewed-by: Álvaro Herrera, Georgios Kokolatos, Joe Conway
Discussion: https://postgr.es/m/20190301023338.GD1348@paquier.xyz
Discussion: https://postgr.es/m/c49b69ec-e2f7-ff33-4f17-0eaa4f2cef27@joeconway.com
Diffstat (limited to 'src/backend/storage/file/fd.c')
| -rw-r--r-- | src/backend/storage/file/fd.c | 22 |
1 files changed, 19 insertions, 3 deletions
diff --git a/src/backend/storage/file/fd.c b/src/backend/storage/file/fd.c index 1ba0ddac107..fdac9850e02 100644 --- a/src/backend/storage/file/fd.c +++ b/src/backend/storage/file/fd.c @@ -646,7 +646,14 @@ durable_rename(const char *oldfile, const char *newfile, int elevel) errmsg("could not fsync file \"%s\": %m", newfile))); return -1; } - CloseTransientFile(fd); + + if (CloseTransientFile(fd)) + { + ereport(elevel, + (errcode_for_file_access(), + errmsg("could not close file \"%s\": %m", newfile))); + return -1; + } } /* Time to do the real deal... */ @@ -3295,7 +3302,10 @@ pre_sync_fname(const char *fname, bool isdir, int elevel) */ pg_flush_data(fd, 0, 0); - (void) CloseTransientFile(fd); + if (CloseTransientFile(fd)) + ereport(elevel, + (errcode_for_file_access(), + errmsg("could not close file \"%s\": %m", fname))); } #endif /* PG_FLUSH_DATA_WORKS */ @@ -3394,7 +3404,13 @@ fsync_fname_ext(const char *fname, bool isdir, bool ignore_perm, int elevel) return -1; } - (void) CloseTransientFile(fd); + if (CloseTransientFile(fd)) + { + ereport(elevel, + (errcode_for_file_access(), + errmsg("could not close file \"%s\": %m", fname))); + return -1; + } return 0; } |