Bug #130721 for DBD-Pg: Segfault when accessing pg_error

Thu Oct 17 05:25:59 2019 MAROS [...] cpan.org - Ticket created

Subject:

Segfault when accessing pg_error_field

When accessing an invalid pg_error_field column DBD-Pg produces a segfault. This simple script triggers the segfault: use DBI; my $dbh; $dbh = DBI->connect('dbi:Pg:dbname=testdb','','', { HandleError => sub { if ($dbh->state eq "23502") { say ".".$dbh->pg_error_field("constraint") } } }); $dbh->do("CREATE TEMPORARY TABLE tst (key integer NOT NULL)"); $dbh->do("INSERT INTO tst (key) VALUES(NULL)") The last couple of lines of strace: connect(3, {sa_family=AF_UNIX, sun_path="/var/run/postgresql/.s.PGSQL.5432"}, 110) = 0 getsockopt(3, SOL_SOCKET, SO_ERROR, [0], [4]) = 0 getsockname(3, {sa_family=AF_UNIX}, [128->2]) = 0 poll([{fd=3, events=POLLOUT|POLLERR}], 1, -1) = 1 ([{fd=3, revents=POLLOUT}]) sendto(3, "\0\0\0(\0\3\0\0user\0root\0database\0kalid"..., 40, MSG_NOSIGNAL, NULL, 0) = 40 poll([{fd=3, events=POLLIN|POLLERR}], 1, -1) = 1 ([{fd=3, revents=POLLIN}]) recvfrom(3, "R\0\0\0\10\0\0\0\0S\0\0\0\26application_name\0\0"..., 16384, 0, NULL, NULL) = 325 getpid() = 27757 sendto(3, "Q\0\0\0006CREATE TEMPORARY TABLE tst "..., 55, MSG_NOSIGNAL, NULL, 0) = 55 poll([{fd=3, events=POLLIN|POLLERR}], 1, -1) = 1 ([{fd=3, revents=POLLIN}]) recvfrom(3, "C\0\0\0\21CREATE TABLE\0Z\0\0\0\5I", 16384, 0, NULL, NULL) = 24 write(1, "0E0\n", 40E0 ) = 4 sendto(3, "Q\0\0\0'INSERT INTO tst (key) VALUE"..., 40, MSG_NOSIGNAL, NULL, 0) = 40 poll([{fd=3, events=POLLIN|POLLERR}], 1, -1) = 1 ([{fd=3, revents=POLLIN}]) recvfrom(3, "E\0\0\0\251SERROR\0VERROR\0C23502\0Mnull "..., 16384, 0, NULL, NULL) = 170 open("/usr/share/locale/C.UTF-8/LC_MESSAGES/libpq5-11.mo", O_RDONLY) = -1 ENOENT (No such file or directory) open("/usr/share/locale/C.utf8/LC_MESSAGES/libpq5-11.mo", O_RDONLY) = -1 ENOENT (No such file or directory) open("/usr/share/locale/C/LC_MESSAGES/libpq5-11.mo", O_RDONLY) = -1 ENOENT (No such file or directory) poll([{fd=3, events=POLLIN|POLLERR}], 1, -1) = 1 ([{fd=3, revents=POLLIN}]) recvfrom(3, "Z\0\0\0\5I", 16384, 0, NULL, NULL) = 6 --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=0xc} --- +++ killed by SIGSEGV +++ Segmentation fault I'm using DBD-Pg v3.9.1 under perl 5.22.3 Summary of my perl5 (revision 5 version 22 subversion 3) configuration: Platform: osname=linux, osvers=4.9.0-9-amd64, archname=x86_64-linux uname='linux buildslave 4.9.0-9-amd64 #1 smp debian 4.9.168-1+deb9u4 (2019-07-19) x86_64 gnulinux ' config_args='-Dprefix=/opt/gh/perl-5.22.3-live -des -Dusedevel -Duseshrplib -Accflags=-DNO_TAINT_SUPPORT -Accflags=-mtune=core2 -Accflags=-fPIC -Accflags=-DPERL_DISABLE_PMC -Accflags=-ggdb -Dman1dir=none -Dman3dir=none -A'eval:scriptdir=/opt/gh/perl-5.22.3-live/bin'' hint=recommended, useposix=true, d_sigaction=define useithreads=undef, usemultiplicity=undef use64bitint=define, use64bitall=define, uselongdouble=undef usemymalloc=n, bincompat5005=undef Compiler: cc='cc', ccflags ='-DNO_TAINT_SUPPORT -mtune=core2 -fPIC -DPERL_DISABLE_PMC -ggdb -fwrapv -fno-strict-aliasing -pipe -fstack-protector-strong -I/usr/local/include -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64', optimize='-O2', cppflags='-DNO_TAINT_SUPPORT -mtune=core2 -fPIC -DPERL_DISABLE_PMC -ggdb -fwrapv -fno-strict-aliasing -pipe -fstack-protector-strong -I/usr/local/include' ccversion='', gccversion='6.3.0 20170516', gccosandvers='' intsize=4, longsize=8, ptrsize=8, doublesize=8, byteorder=12345678, doublekind=3 d_longlong=define, longlongsize=8, d_longdbl=define, longdblsize=16, longdblkind=3 ivtype='long', ivsize=8, nvtype='double', nvsize=8, Off_t='off_t', lseeksize=8 alignbytes=8, prototype=define Linker and Libraries: ld='cc', ldflags =' -fstack-protector-strong -L/usr/local/lib' libpth=/usr/local/lib /usr/lib/gcc/x86_64-linux-gnu/6/include-fixed /usr/include/x86_64-linux-gnu /usr/lib /lib/x86_64-linux-gnu /lib/../lib /usr/lib/x86_64-linux-gnu /usr/lib/../lib /lib libs=-lpthread -lnsl -lgdbm -ldb -ldl -lm -lcrypt -lutil -lc -lgdbm_compat perllibs=-lpthread -lnsl -ldl -lm -lcrypt -lutil -lc libc=libc-2.24.so, so=so, useshrplib=true, libperl=libperl.so gnulibc_version='2.24' Dynamic Linking: dlsrc=dl_dlopen.xs, dlext=so, d_dlsymun=undef, ccdlflags='-Wl,-E -Wl,-rpath,/opt/gh/perl-5.22.3-live/lib/5.22.3/x86_64-linux/CORE' cccdlflags='-fPIC', lddlflags='-shared -O2 -L/usr/local/lib -fstack-protector-strong' Characteristics of this binary (from libperl): Compile-time options: HAS_TIMES NO_TAINT_SUPPORT PERLIO_LAYERS PERL_DISABLE_PMC PERL_DONT_CREATE_GVSV PERL_HASH_FUNC_ONE_AT_A_TIME_HARD PERL_MALLOC_WRAP PERL_NEW_COPY_ON_WRITE PERL_PRESERVE_IVUV PERL_USE_DEVEL USE_64_BIT_ALL USE_64_BIT_INT USE_LARGE_FILES USE_LOCALE USE_LOCALE_COLLATE USE_LOCALE_CTYPE USE_LOCALE_NUMERIC USE_LOCALE_TIME USE_PERLIO USE_PERL_ATOF Locally applied patches: Devel::PatchPerl 1.52 Built under linux Compiled at Sep 2 2019 09:20:18

Thu Oct 17 10:16:55 2019 greg [...] turnstep.com - Correspondence added

Thank you for the report. I'm fixing a similar error related to pg_error_field for another ticket: it should fix this one as well. Will add a test to make sure and update this ticket when done.

Thu Oct 17 10:16:56 2019 The RT System itself - Status changed from 'new' to 'open'

Thu Oct 17 10:16:57 2019 greg [...] turnstep.com - Taken

Thu Oct 17 10:21:04 2019 greg [...] turnstep.com - Broken in 3.9.0 added

Thu Oct 17 10:21:04 2019 greg [...] turnstep.com - Broken in 3.9.1 added

Thu Jan 09 13:48:28 2020 greg [...] turnstep.com - Correspondence added

Attempted fix in 573ea90370c99f22d7ed69c133a10bcd4601ee49

Sun Jan 19 08:28:50 2020 greg [...] turnstep.com - Status changed from 'open' to 'resolved'

Sun Jan 19 08:28:50 2020 greg [...] turnstep.com - Fixed in 3.10.1 added

Sun Jan 19 08:28:50 2020 greg [...] turnstep.com - Broken in 3.9.1 deleted

Bug #130721 for DBD-Pg: Segfault when accessing pg_error_field