Skip to content

Commit 1144ea3

Browse files
robertmhaasrobertmhaas
committed
Prevent shm_mq_send from reading uninitialized memory.
shm_mq_send_bytes didn't invariably initialize *bytes_written before returning, which would cause shm_mq_send to read from uninitialized memory and add the value it found there to mqh->mqh_partial_bytes. This could cause the next attempt to send a message via the queue to fail an assertion (if the queue was detached) or copy data from a garbage pointer value into the queue (if non-blocking mode was in use).
1 parent 250c26b commit 1144ea3

File tree

1 file changed

+7
-0
lines changed

1 file changed

+7
-0
lines changed

src/backend/storage/ipc/shm_mq.c

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -676,7 +676,10 @@ shm_mq_send_bytes(shm_mq_handle *mqh, Size nbytes, void *data, bool nowait,
676676

677677
/* Bail out if the queue has been detached. */
678678
if (detached)
679+
{
680+
*bytes_written = sent;
679681
return SHM_MQ_DETACHED;
682+
}
680683

681684
if (available == 0)
682685
{
@@ -691,12 +694,16 @@ shm_mq_send_bytes(shm_mq_handle *mqh, Size nbytes, void *data, bool nowait,
691694
if (nowait)
692695
{
693696
if (shm_mq_get_receiver(mq) == NULL)
697+
{
698+
*bytes_written = sent;
694699
return SHM_MQ_WOULD_BLOCK;
700+
}
695701
}
696702
else if (!shm_mq_wait_internal(mq, &mq->mq_receiver,
697703
mqh->mqh_handle))
698704
{
699705
mq->mq_detached = true;
706+
*bytes_written = sent;
700707
return SHM_MQ_DETACHED;
701708
}
702709
mqh->mqh_counterparty_attached = true;

0 commit comments

Comments
 (0)
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy