Hi all,
Coverity is pointing out that as argtypes = NULL in plperl_call_perl_func@plperl.c, we will have a pointer dereference if desc->arg_arraytype[i] is not a valid OID, see here: + Oid *argtypes = NULL; [...] + if (fcinfo->flinfo->fn_oid) + get_func_signature(fcinfo->flinfo->fn_oid, &argtypes, &nargs); [...] if (OidIsValid(desc->arg_arraytype[i])) sv = plperl_ref_from_pg_array(fcinfo->arg[i], desc->arg_arraytype[i]); + else if ((funcid = get_transform_fromsql(argtypes[i], current_call_data->prodesc->lang_oid, current_call_data->prodesc->trftypes))) + sv = (SV *) DatumGetPointer(OidFunctionCall1(funcid, fcinfo->arg[i])); AFAIK, fcinfo->flinfo->fn_oid can be InvalidOid in this code path, so shouldn't we protect a bit the code with something like the patch attached? Regards, -- Michael
diff --git a/src/pl/plperl/plperl.c b/src/pl/plperl/plperl.c index 840df2e..6a1d2bb 100644 --- a/src/pl/plperl/plperl.c +++ b/src/pl/plperl/plperl.c @@ -2100,8 +2100,11 @@ plperl_call_perl_func(plperl_proc_desc *desc, FunctionCallInfo fcinfo) PUSHMARK(SP); EXTEND(sp, desc->nargs); - if (fcinfo->flinfo->fn_oid) + if (OidIsValid(fcinfo->flinfo->fn_oid)) + { get_func_signature(fcinfo->flinfo->fn_oid, &argtypes, &nargs); + Assert(nargs == desc->nargs); + } for (i = 0; i < desc->nargs; i++) { @@ -2120,7 +2123,8 @@ plperl_call_perl_func(plperl_proc_desc *desc, FunctionCallInfo fcinfo) if (OidIsValid(desc->arg_arraytype[i])) sv = plperl_ref_from_pg_array(fcinfo->arg[i], desc->arg_arraytype[i]); - else if ((funcid = get_transform_fromsql(argtypes[i], current_call_data->prodesc->lang_oid, current_call_data->prodesc->trftypes))) + else if (OidIsValid(fcinfo->flinfo->fn_oid) && + (funcid = get_transform_fromsql(argtypes[i], current_call_data->prodesc->lang_oid, current_call_data->prodesc->trftypes))) sv = (SV *) DatumGetPointer(OidFunctionCall1(funcid, fcinfo->arg[i])); else {
-- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers