granicus.if.org Git - postgresql/commit

author	Tom Lane <tgl@sss.pgh.pa.us>
	Wed, 8 Nov 2017 21:50:13 +0000 (16:50 -0500)
committer	Tom Lane <tgl@sss.pgh.pa.us>
	Wed, 8 Nov 2017 21:50:13 +0000 (16:50 -0500)
commit	b89ad383da7dfcf1c5888076d60bb914c6169ec6
tree	7bc1ecf4a5f0847d018a037d6115bfeba439a9d0	tree \| snapshot
parent	1a93c2536a75e7759420e8f9a95e2076da9135df	commit \| diff

Fix two violations of the ResourceOwnerEnlarge/Remember protocol.

The point of having separate ResourceOwnerEnlargeFoo and
ResourceOwnerRememberFoo functions is so that resource allocation
can happen in between.  Doing it in some other order is just wrong.

OpenTemporaryFile() did open(), enlarge, remember, which would leak the
open file if the enlarge step ran out of memory.  Because fd.c has its own
layer of resource-remembering, the consequences look like they'd be limited
to an intratransaction FD leak, but it's still not good.

IncrBufferRefCount() did enlarge, remember, incr-refcount, which would blow
up if the incr-refcount step ever failed.  It was safe enough when written,
but since the introduction of PrivateRefCountHash, I think the assumption
that no error could happen there is pretty shaky.

The odds of real problems from either bug are probably small, but still,
back-patch to supported branches.

Thomas Munro and Tom Lane, per a comment from Andres Freund

src/backend/storage/buffer/bufmgr.c		diff \| blob \| history
src/backend/storage/file/fd.c		diff \| blob \| history