From: Stephen Frost Date: Fri, 6 Jan 2017 20:27:47 +0000 (-0500) Subject: Protect against NULL-dereference in pg_dump X-Git-Tag: REL_10_BETA1~1144 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=d74ecbc8d85eb7a2aa1d5516c5c38d6ab0cbbd82;p=postgresql Protect against NULL-dereference in pg_dump findTableByOid() is allowed to return NULL and we should therefore be checking for that case. getOwnedSeqs() and dumpSequence() shouldn't ever actually see this happen, but given odd circumstances it might and commit f9e439b1 probably shouldn't have removed that check. Pointed out by Coverity. Initial patch from Michael Paquier. Back-patch to 9.6, where that commit had removed the check. --- diff --git a/src/bin/pg_dump/pg_dump.c b/src/bin/pg_dump/pg_dump.c index 6a53a05129..c1084aaf8d 100644 --- a/src/bin/pg_dump/pg_dump.c +++ b/src/bin/pg_dump/pg_dump.c @@ -5643,6 +5643,9 @@ getOwnedSeqs(Archive *fout, TableInfo tblinfo[], int numTables) continue; /* not an owned sequence */ owning_tab = findTableByOid(seqinfo->owning_tab); + if (owning_tab == NULL) + exit_horribly(NULL, "failed sanity check, parent table OID %u of sequence OID %u not found\n", + seqinfo->owning_tab, seqinfo->dobj.catId.oid); /* * We need to dump the components that are being dumped for the table @@ -15583,7 +15586,11 @@ dumpSequence(Archive *fout, TableInfo *tbinfo) { TableInfo *owning_tab = findTableByOid(tbinfo->owning_tab); - if (owning_tab && owning_tab->dobj.dump & DUMP_COMPONENT_DEFINITION) + if (owning_tab == NULL) + exit_horribly(NULL, "failed sanity check, parent table OID %u of sequence OID %u not found\n", + tbinfo->owning_tab, tbinfo->dobj.catId.oid); + + if (owning_tab->dobj.dump & DUMP_COMPONENT_DEFINITION) { resetPQExpBuffer(query); appendPQExpBuffer(query, "ALTER SEQUENCE %s",