Fix some pg_verifybackup issues reported by Coverity.

robertmhaas · robertmhaas · commit fc1b2ce0ee9c · 2024-10-01T08:36:54.000-04:00
Commit 8dfd312 introduced a few problems. verify_tar_file() forgot to free a buffer; the leak can't add up to anything material, but might as well fix it. precheck_tar_backup_file() intended to return after reporting an error but didn't actually do so. member_copy_control_data() could try to copy zero bytes (and maybe Coverity thinks it can even be trying to copy a negative number of bytes). Per discussion with Tom Lane. Discussion: http://postgr.es/m/1240823.1727629418@sss.pgh.pa.us
diff --git a/src/bin/pg_verifybackup/astreamer_verify.c b/src/bin/pg_verifybackup/astreamer_verify.c
@@ -341,14 +341,14 @@ member_copy_control_data(astreamer *streamer, astreamer_member *member,
 	 * be PG_CONTROL_FILE_SIZE, but the part that fits in our buffer is
 	 * shorter, just sizeof(ControlFileData).
 	 */
-	if (mystreamer->control_file_bytes <= sizeof(ControlFileData))
+	if (mystreamer->control_file_bytes < sizeof(ControlFileData))
 	{
-		int			remaining;
+		size_t		remaining;
 
 		remaining = sizeof(ControlFileData) - mystreamer->control_file_bytes;
 		memcpy(((char *) &mystreamer->control_file)
 			   + mystreamer->control_file_bytes,
-			   data, Min(len, remaining));
+			   data, Min((size_t) len, remaining));
 	}
 
 	/* Remember how many bytes we saw, even if we didn't buffer them. */
diff --git a/src/bin/pg_verifybackup/pg_verifybackup.c b/src/bin/pg_verifybackup/pg_verifybackup.c
@@ -929,9 +929,12 @@ precheck_tar_backup_file(verifier_context *context, char *relpath,
 		 * result is 0, or if the value is too large to be a valid OID.
 		 */
 		if (suffix == NULL || num <= 0 || num > OID_MAX)
+		{
 			report_backup_error(context,
 								"file \"%s\" is not expected in a tar format backup",
 								relpath);
+			return;
+		}
 		tblspc_oid = (Oid) num;
 	}
 
@@ -1014,6 +1017,8 @@ verify_tar_file(verifier_context *context, char *relpath, char *fullpath,
 		progress_report(false);
 	}
 
+	pg_free(buffer);
+
 	if (rc < 0)
 		report_backup_error(context, "could not read file \"%s\": %m",
 							relpath);
