Fix set of issues with memory-allocation system calls in frontend code

Like the backend, the frontend has wrappers on top of malloc() and such
whose use is recommended.  Particularly, it is possible to do memory
allocation without issuing an error.  Some binaries missed the use of
those wrappers, so let's fix the gap for consistency.

This also fixes two latent bugs:
- In pg_dump/pg_dumpall when parsing an ACL item, on an out-of-memory
error for strdup(), the code considered the failure as a ACL parsing
problem instead of an actual OOM.
- In pg_waldump, an OOM when building the target directory string would
cause a crash.

Author: Daniel Gustafsson
Discussion: https://postgr.es/m/gY0y9xenfoBPc-Tufsr2Zg-MmkrJslm0Tw_CMg4p_j58-k_PXNC0klMdkKQkg61BkXC9_uWo-DcUzfxnHqpkpoR5jjVZrPHqKYikcHIiONhg=@yesql.se

diff --git a/src/bin/pg_ctl/pg_ctl.c b/src/bin/pg_ctl/pg_ctl.c
index febb076ee6f8c9fde94ec04df4aff75c64827941..400763dea787d247cc254dc4217869537148b195 100644 (file)
--- a/src/bin/pg_ctl/pg_ctl.c
+++ b/src/bin/pg_ctl/pg_ctl.c
@@ -1979,7 +1979,8 @@ GetPrivilegesToDelete(HANDLE hToken)
                return NULL;
        }
 
-       tokenPrivs = (PTOKEN_PRIVILEGES) malloc(length);
+       tokenPrivs = (PTOKEN_PRIVILEGES) pg_malloc_extended(length,
+                                                                                                               MCXT_ALLOC_NO_OOM);
        if (tokenPrivs == NULL)
        {
                write_stderr(_("%s: out of memory\n"), progname);

diff --git a/src/bin/pg_dump/dumputils.c b/src/bin/pg_dump/dumputils.c
index 65e221157b3a697ff0c7d210220122146a2c70d9..67691eb57a841843975be75f0d4bfe37aecd7329 100644 (file)
--- a/src/bin/pg_dump/dumputils.c
+++ b/src/bin/pg_dump/dumputils.c
@@ -481,15 +481,13 @@ parseAclItem(const char *item, const char *type,
        char       *slpos;
        char       *pos;
 
-       buf = strdup(item);
-       if (!buf)
-               return false;
+       buf = pg_strdup(item);
 
        /* user or group name is string up to = */
        eqpos = copyAclUserName(grantee, buf);
        if (*eqpos != '=')
        {
-               free(buf);
+               pg_free(buf);
                return false;
        }
 
@@ -501,13 +499,13 @@ parseAclItem(const char *item, const char *type,
                slpos = copyAclUserName(grantor, slpos);
                if (*slpos != '\0')
                {
-                       free(buf);
+                       pg_free(buf);
                        return false;
                }
        }
        else
        {
-               free(buf);
+               pg_free(buf);
                return false;
        }
 
@@ -617,7 +615,7 @@ do { \
                        appendPQExpBuffer(privs, "(%s)", subname);
        }
 
-       free(buf);
+       pg_free(buf);
 
        return true;
 }

diff --git a/src/bin/pg_test_fsync/pg_test_fsync.c b/src/bin/pg_test_fsync/pg_test_fsync.c
index f7021017429f6c79624997a08e29a9d42fb02372..83771061a466f1bbb2e9785c594404ca54c55d81 100644 (file)
--- a/src/bin/pg_test_fsync/pg_test_fsync.c
+++ b/src/bin/pg_test_fsync/pg_test_fsync.c
@@ -170,7 +170,7 @@ handle_args(int argc, char *argv[])
                switch (option)
                {
                        case 'f':
-                               filename = strdup(optarg);
+                               filename = pg_strdup(optarg);
                                break;
 
                        case 's':

diff --git a/src/bin/pg_waldump/pg_waldump.c b/src/bin/pg_waldump/pg_waldump.c
index e106fb2ed1e35f34dcbbde448eaeed6f93ad8eef..f61505ade36143123df11a09e60d24e65da45fcb 100644 (file)
--- a/src/bin/pg_waldump/pg_waldump.c
+++ b/src/bin/pg_waldump/pg_waldump.c
@@ -247,7 +247,7 @@ identify_target_directory(XLogDumpPrivate *private, char *directory,
        {
                if (search_directory(directory, fname))
                {
-                       private->inpath = strdup(directory);
+                       private->inpath = pg_strdup(directory);
                        return;
                }
 
@@ -255,7 +255,7 @@ identify_target_directory(XLogDumpPrivate *private, char *directory,
                snprintf(fpath, MAXPGPATH, "%s/%s", directory, XLOGDIR);
                if (search_directory(fpath, fname))
                {
-                       private->inpath = strdup(fpath);
+                       private->inpath = pg_strdup(fpath);
                        return;
                }
        }
@@ -266,13 +266,13 @@ identify_target_directory(XLogDumpPrivate *private, char *directory,
                /* current directory */
                if (search_directory(".", fname))
                {
-                       private->inpath = strdup(".");
+                       private->inpath = pg_strdup(".");
                        return;
                }
                /* XLOGDIR */
                if (search_directory(XLOGDIR, fname))
                {
-                       private->inpath = strdup(XLOGDIR);
+                       private->inpath = pg_strdup(XLOGDIR);
                        return;
                }
 
@@ -283,7 +283,7 @@ identify_target_directory(XLogDumpPrivate *private, char *directory,
                        snprintf(fpath, MAXPGPATH, "%s/%s", datadir, XLOGDIR);
                        if (search_directory(fpath, fname))
                        {
-                               private->inpath = strdup(fpath);
+                               private->inpath = pg_strdup(fpath);
                                return;
                        }
                }

diff --git a/src/bin/psql/large_obj.c b/src/bin/psql/large_obj.c
index c12f4326e32f16f78d988eaf2190a776627aaaee..cecb4897f5a20bce04818a47acb86ef84843a40d 100644 (file)
--- a/src/bin/psql/large_obj.c
+++ b/src/bin/psql/large_obj.c
@@ -200,7 +200,7 @@ do_lo_import(const char *filename_arg, const char *comment_arg)
                char       *bufptr;
                size_t          slen = strlen(comment_arg);
 
-               cmdbuf = malloc(slen * 2 + 256);
+               cmdbuf = pg_malloc_extended(slen * 2 + 256, MCXT_ALLOC_NO_OOM);
                if (!cmdbuf)
                        return fail_lo_xact("\\lo_import", own_transaction);
                sprintf(cmdbuf, "COMMENT ON LARGE OBJECT %u IS '", loid);