Make get_controlfile not leak file descriptors When backend functions were added to expose controldata via SQL, reading of pg_control was consolidated under src/common so that both frontend and backend could share the same code. That move from frontend-only to shared frontend-backend failed to recognize the risk (and coding standards violation) of using a bare open(). In particular, it risked leaking file descriptors if transient errors occurred while reading the file. Fix that by using OpenTransientFile() instead in the backend case, which is purpose-built for this type of usage.
Since there have been no complaints from the field, and an intermittent failure low risk, no backpatch. Hard failure would of course be bad, but in that case these functions are probably the least of your worries. Author: Joe Conway Reviewed-By: Michael Paquier Reported by: Michael Paquier Discussion: https://postgr.es/m/20190227074728.ga15...@paquier.xyz Branch ------ master Details ------- https://git.postgresql.org/pg/commitdiff/4598a99cf22de0dbab975d9c87ce16fd53146aca Modified Files -------------- src/common/controldata_utils.c | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-)
