Avoid possible longjmp-induced logic error in PLy_trigger_build_args.

tglsfdc · tglsfdc · commit 30fe8a7ba07e · 2024-04-01T15:15:03.000-04:00
The "pltargs" variable wasn't marked volatile, which makes it unsafe to change its value within the PG_TRY block. It looks like the worst outcome would be to fail to release a refcount on Py_None during an (improbable) error exit, which would likely go unnoticed in the field. Still, it's a bug. A one-liner fix could be to mark pltargs volatile, but on the whole it seems cleaner to arrange things so that we don't change its value within PG_TRY. Per report from Xing Guo. This has been there for quite awhile, so back-patch to all supported branches. Discussion: https://postgr.es/m/CACpMh+DLrk=fDv07MNpBT4J413fDAm+gmMXgi8cjPONE+jvzuw@mail.gmail.com
diff --git a/src/pl/plpython/plpy_exec.c b/src/pl/plpython/plpy_exec.c
@@ -702,7 +702,7 @@ PLy_trigger_build_args(FunctionCallInfo fcinfo, PLyProcedure *proc, HeapTuple *r
 			   *pltrelid,
 			   *plttablename,
 			   *plttableschema,
-			   *pltargs = NULL,
+			   *pltargs,
 			   *pytnew,
 			   *pytold,
 			   *pltdata;
@@ -726,6 +726,11 @@ PLy_trigger_build_args(FunctionCallInfo fcinfo, PLyProcedure *proc, HeapTuple *r
 			return NULL;
 		}
 	}
+	else
+	{
+		Py_INCREF(Py_None);
+		pltargs = Py_None;
+	}
 
 	PG_TRY();
 	{
@@ -869,7 +874,7 @@ PLy_trigger_build_args(FunctionCallInfo fcinfo, PLyProcedure *proc, HeapTuple *r
 			PyObject   *pltarg;
 
 			/* pltargs should have been allocated before the PG_TRY block. */
-			Assert(pltargs);
+			Assert(pltargs && pltargs != Py_None);
 
 			for (i = 0; i < tdata->tg_trigger->tgnargs; i++)
 			{
@@ -883,8 +888,7 @@ PLy_trigger_build_args(FunctionCallInfo fcinfo, PLyProcedure *proc, HeapTuple *r
 		}
 		else
 		{
-			Py_INCREF(Py_None);
-			pltargs = Py_None;
+			Assert(pltargs == Py_None);
 		}
 		PyDict_SetItemString(pltdata, "args", pltargs);
 		Py_DECREF(pltargs);

Original file line number	Diff line number	Diff line change
`@@ -702,7 +702,7 @@ PLy_trigger_build_args(FunctionCallInfo fcinfo, PLyProcedure proc, HeapTuple r`
`702`	`702`	`*pltrelid,`
`703`	`703`	`*plttablename,`
`704`	`704`	`*plttableschema,`
`705`		`- *pltargs = NULL,`
	`705`	`+ *pltargs,`
`706`	`706`	`*pytnew,`
`707`	`707`	`*pytold,`
`708`	`708`	`*pltdata;`
`@@ -726,6 +726,11 @@ PLy_trigger_build_args(FunctionCallInfo fcinfo, PLyProcedure proc, HeapTuple r`
`726`	`726`	`return NULL;`
`727`	`727`	`}`
`728`	`728`	`}`
	`729`	`+ else`
	`730`	`+ {`
	`731`	`+ Py_INCREF(Py_None);`
	`732`	`+ pltargs = Py_None;`
	`733`	`+ }`
`729`	`734`
`730`	`735`	`PG_TRY();`
`731`	`736`	`{`
`@@ -869,7 +874,7 @@ PLy_trigger_build_args(FunctionCallInfo fcinfo, PLyProcedure proc, HeapTuple r`
`869`	`874`	`PyObject *pltarg;`
`870`	`875`
`871`	`876`	`/* pltargs should have been allocated before the PG_TRY block. */`
`872`		`- Assert(pltargs);`
	`877`	`+ Assert(pltargs && pltargs != Py_None);`
`873`	`878`
`874`	`879`	`for (i = 0; i < tdata->tg_trigger->tgnargs; i++)`
`875`	`880`	`{`
`@@ -883,8 +888,7 @@ PLy_trigger_build_args(FunctionCallInfo fcinfo, PLyProcedure proc, HeapTuple r`
`883`	`888`	`}`
`884`	`889`	`else`
`885`	`890`	`{`
`886`		`- Py_INCREF(Py_None);`
`887`		`- pltargs = Py_None;`
	`891`	`+ Assert(pltargs == Py_None);`
`888`	`892`	`}`
`889`	`893`	`PyDict_SetItemString(pltdata, "args", pltargs);`
`890`	`894`	`Py_DECREF(pltargs);`