Hi, Please find attached a patch implementing an old FIXME comment [1] about validating the event mask in ModifyWaitEvent(). To prevent callers of ModifyWaitEvent() from passing invalid flags that can be silently accepted, I propose adding two checks:
1. Prevent setting socket wait flags on an event that has no socket, mirroring line 600 of AddWaitEventToSet() [2]. 2. Prevent promoting a non-latch event to a latch event through ModifyWaitEvent(). The setup for latch events is handled in AddWaitEventToSet(), but not supported in ModifyWaitEvent(). For example, AddWaitEventToSet() enforces "cannot wait on more than one latch" [3] per set, registering the latch pointer [4], and handles platform-specific latch behavior [5]. We do still allow the behavior documented in the comment for ModifyWaitEvent() [6] about setting a latch to NULL to disable it, and enabling again as a latch later. [1] The commit adding this code dates back to 2016, added in https://github.com/postgres/postgres/commit/98a64d0bd71#diff-6e542ba2eb1d83ef90e65cdc0912b51a295184701c7e3bd236937c43c4cac4b9R704 [2] https://github.com/postgres/postgres/blob/master/src/backend/storage/ipc/waiteventset.c#L600 [3] https://github.com/postgres/postgres/blob/master/src/backend/storage/ipc/waiteventset.c#L588-L589 [4] https://github.com/postgres/postgres/blob/master/src/backend/storage/ipc/waiteventset.c#L614-L615 [5] https://github.com/postgres/postgres/blob/master/src/backend/storage/ipc/waiteventset.c#L616-L619 [6] https://github.com/postgres/postgres/blob/master/src/backend/storage/ipc/waiteventset.c#L650-L651
diff --git a/src/backend/storage/ipc/waiteventset.c b/src/backend/storage/ipc/waiteventset.c index 0f228e1e7b8..098cff06a5d 100644 --- a/src/backend/storage/ipc/waiteventset.c +++ b/src/backend/storage/ipc/waiteventset.c @@ -695,7 +695,12 @@ ModifyWaitEvent(WaitEventSet *set, int pos, uint32 events, Latch *latch) if (event->events & WL_LATCH_SET && events != event->events) elog(ERROR, "cannot modify latch event"); - /* FIXME: validate event mask */ + /* Validate event mask */ + if ((events & WL_SOCKET_MASK) && event->fd == PGINVALID_SOCKET) + elog(ERROR, "cannot wait on socket event without a socket"); + if ((events & WL_LATCH_SET) && !(event->events & WL_LATCH_SET)) + elog(ERROR, "cannot modify non-latch event to wait on latch"); + event->events = events; if (events == WL_LATCH_SET)
