postgres/timescaledb
1
0
Fork 0
mirror of https://github.com/timescale/timescaledb.git synced 2025-05-16 02:23:49 +08:00
Code Issues Packages Projects Releases Wiki Activity

Fix buffer overflow in partition scheme

Browse Source 
Reallocate the partitioning attributes arrays when forcing GROUP BY
aggregates down.

Fixes #4050
This commit is contained in:
Markos Fountoulakis 2022-02-09 18:35:19 +02:00 committed by Sven Klemm
parent 6dddfaa54e
commit 8a33a79e0c
3 changed files with 27 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
CHANGELOG.md
View File

@ -21,6 +21,7 @@ accidentally triggering the load of a previous DB version.**
* #4020 Fix ALTER TABLE EventTrigger initialization
* #4024 Fix premature cache release call
* #4069 Fix riinfo NULL handling in ANY construct
* #4073 Fix buffer overflow in partition scheme
**Thanks**
* @erikhh for reporting an issue with time_bucket_gapfill

6
src/plan_expand_hypertable.c
View File

@ -1134,9 +1134,9 @@ build_hypertable_partition_info(Hypertable *ht, PlannerInfo *root, RelOptInfo *h
part_scheme->partnatts = ht->space->num_dimensions;
part_scheme->strategy = PARTITION_STRATEGY_MULTIDIM;
hyper_rel->nparts = nparts;
part_scheme->partopfamily = palloc0(nparts * sizeof(Oid));
part_scheme->partopcintype = palloc0(nparts * sizeof(Oid));
part_scheme->partcollation = palloc0(nparts * sizeof(Oid));
part_scheme->partopfamily = palloc0(part_scheme->partnatts * sizeof(Oid));
part_scheme->partopcintype = palloc0(part_scheme->partnatts * sizeof(Oid));
part_scheme->partcollation = palloc0(part_scheme->partnatts * sizeof(Oid));
hyper_rel->part_scheme = part_scheme;
hyper_rel->partexprs = get_hypertable_partexprs(ht, root->parse, hyper_rel->relid);
hyper_rel->nullable_partexprs = (List **) palloc0(sizeof(List *) * part_scheme->partnatts);

25
tsl/src/fdw/data_node_scan_plan.c
View File

@ -293,7 +293,11 @@ force_group_by_push_down(PlannerInfo *root, RelOptInfo *hyper_rel)
{
PartitionScheme partscheme = hyper_rel->part_scheme;
List *groupexprs;
List **nullable_partexprs;
int16 new_partnatts;
Oid *partopfamily;
Oid *partopcintype;
Oid *partcollation;
ListCell *lc;
int i = 0;
@ -302,10 +306,27 @@ force_group_by_push_down(PlannerInfo *root, RelOptInfo *hyper_rel)
groupexprs = get_sortgrouplist_exprs(root->parse->groupClause, root->parse->targetList);
new_partnatts = list_length(groupexprs);
/* Only reallocate the partitioning attributes array if it is smaller than
* the new size */
/* Only reallocate the partitioning attributes arrays if it is smaller than
* the new size. palloc0 is needed to zero out the extra space. */
if (partscheme->partnatts < new_partnatts)
{
partopfamily = palloc0(new_partnatts * sizeof(Oid));
partopcintype = palloc0(new_partnatts * sizeof(Oid));
partcollation = palloc0(new_partnatts * sizeof(Oid));
nullable_partexprs = palloc0(new_partnatts * sizeof(List *));
memcpy(partopfamily, partscheme->partopfamily, new_partnatts * sizeof(Oid));
memcpy(partopcintype, partscheme->partopcintype, new_partnatts * sizeof(Oid));
memcpy(partcollation, partscheme->partcollation, new_partnatts * sizeof(Oid));
memcpy(nullable_partexprs, hyper_rel->nullable_partexprs, new_partnatts * sizeof(List *));
partscheme->partopfamily = partopfamily;
partscheme->partopcintype = partopcintype;
partscheme->partcollation = partcollation;
hyper_rel->nullable_partexprs = nullable_partexprs;
hyper_rel->partexprs = (List **) palloc0(sizeof(List *) * new_partnatts);
}
partscheme->partnatts = new_partnatts;