diff options
| author | Andres Freund <andres@anarazel.de> | 2022-03-23 16:38:43 -0700 |
|---|---|---|
| committer | Andres Freund <andres@anarazel.de> | 2022-03-27 18:15:17 -0700 |
| commit | 7d935bdf7af71aaa1654366b9fd051581660326a (patch) | |
| tree | 467aff219c344c60bfdf5fdc0864783d39802041 /src | |
| parent | 1a2fdf86aae82e96713a0bfbe7e750d35667d692 (diff) | |
| download | postgresql-7d935bdf7af71aaa1654366b9fd051581660326a.tar.gz postgresql-7d935bdf7af71aaa1654366b9fd051581660326a.zip | |
waldump: fix use-after-free in search_directory().
After closedir() dirent->d_name is not valid anymore. As there alerady are a
few places relying on the limited lifetime of pg_waldump, do so here as well,
and just pg_strdup() the string.
The bug was introduced in fc49e24fa69a.
Found by UBSan, run locally.
Backpatch: 11-, like fc49e24fa69 itself.
Diffstat (limited to 'src')
| -rw-r--r-- | src/bin/pg_waldump/pg_waldump.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/bin/pg_waldump/pg_waldump.c b/src/bin/pg_waldump/pg_waldump.c index cd202a50ced..7d03e19a113 100644 --- a/src/bin/pg_waldump/pg_waldump.c +++ b/src/bin/pg_waldump/pg_waldump.c @@ -198,7 +198,7 @@ search_directory(const char *directory, const char *fname) if (IsXLogFileName(xlde->d_name)) { fd = open_file_in_directory(directory, xlde->d_name); - fname = xlde->d_name; + fname = pg_strdup(xlde->d_name); break; } } |