From 37851e8043adce3762a2054223279149bdcb516d Mon Sep 17 00:00:00 2001 From: Tom Lane Date: Thu, 16 Oct 2008 13:23:57 +0000 Subject: [PATCH] Fix SPI_getvalue and SPI_getbinval to range-check the given attribute number according to the TupleDesc's natts, not the number of physical columns in the tuple. The previous coding would do the wrong thing in cases where natts is different from the tuple's column count: either incorrectly report error when it should just treat the column as null, or actually crash due to indexing off the end of the TupleDesc's attribute array. (The second case is probably not possible in modern PG versions, due to more careful handling of inheritance cases than we once had. But it's still a clear lack of robustness here.) The incorrect error indication is ignored by all callers within the core PG distribution, so this bug has no symptoms visible within the core code, but it might well be an issue for add-on packages. So patch all the way back. --- src/backend/executor/spi.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/backend/executor/spi.c b/src/backend/executor/spi.c index 220de0ba93..5a886106a9 100644 --- a/src/backend/executor/spi.c +++ b/src/backend/executor/spi.c @@ -559,7 +559,7 @@ SPI_getvalue(HeapTuple tuple, TupleDesc tupdesc, int fnumber) SPI_result = 0; - if (fnumber > tuple->t_data->t_natts || fnumber == 0 || + if (fnumber > tupdesc->natts || fnumber == 0 || fnumber <= FirstLowInvalidHeapAttributeNumber) { SPI_result = SPI_ERROR_NOATTRIBUTE; @@ -609,7 +609,7 @@ SPI_getbinval(HeapTuple tuple, TupleDesc tupdesc, int fnumber, bool *isnull) { SPI_result = 0; - if (fnumber > tuple->t_data->t_natts || fnumber == 0 || + if (fnumber > tupdesc->natts || fnumber == 0 || fnumber <= FirstLowInvalidHeapAttributeNumber) { SPI_result = SPI_ERROR_NOATTRIBUTE; -- 2.39.5