On Tue, Jun 23, 2026 at 3:47 PM Xing Guo <[email protected]> wrote: > A PL/Perl function returning a forged PostgreSQL::InServer::ARRAY > object (e.g., an empty hash blessed as that class) could cause a > segfault. This occurs because hv_fetch_string returns NULL pointer > when the "array" key is missing, and the code previously dereferenced > it without checking if the pointer itself was NULL.
+1. Good catch. Every other caller of hv_fetch_string checks the returned pointer. This is the only place missing that safety check. - Richard
