Introduced in commit c3afe8cf5a.
Someone issuing repeated "CREATE SUBSCRIPTION" commands where the
connection has no password and must_have_password is true will leak
malloc'd memory in the error path. Minor issue in practice, because I
suspect that a user privileged enough to create a subscription could
cause bigger problems.
It makes me wonder if we should use the resowner mechanism to track
pointers to malloc'd memory. Then we could use a standard pattern for
these kinds of cases, and it would also catch more remote issues, like
if a pstrdup() fails in an error path (which can happen a few lines up
if the parse fails).
Patch attached; intended for 16 and 17.
Regards,
Jeff Davis
From cbce9f5a6d1f7a7ce19473c45ac4cc74bca49c0e Mon Sep 17 00:00:00 2001
From: Jeff Davis <j...@j-davis.com>
Date: Fri, 12 Jan 2024 14:39:05 -0800
Subject: [PATCH] Fix memory leak in connection string validation.
Introduced in commit c3afe8cf5a.
Backpatch-through: 16
---
src/backend/replication/libpqwalreceiver/libpqwalreceiver.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/src/backend/replication/libpqwalreceiver/libpqwalreceiver.c b/src/backend/replication/libpqwalreceiver/libpqwalreceiver.c
index ead30f87c9..201c36cb22 100644
--- a/src/backend/replication/libpqwalreceiver/libpqwalreceiver.c
+++ b/src/backend/replication/libpqwalreceiver/libpqwalreceiver.c
@@ -284,10 +284,15 @@ libpqrcv_check_conninfo(const char *conninfo, bool must_use_password)
}
if (!uses_password)
+ {
+ /* malloc'd, so we must free it explicitly */
+ PQconninfoFree(opts);
+
ereport(ERROR,
(errcode(ERRCODE_S_R_E_PROHIBITED_SQL_STATEMENT_ATTEMPTED),
errmsg("password is required"),
errdetail("Non-superusers must provide a password in the connection string.")));
+ }
}
PQconninfoFree(opts);
--
2.34.1
