From db7e953adde14689e885659b5c20037f98eaf294 Mon Sep 17 00:00:00 2001 From: Heikki Linnakangas Date: Wed, 25 Sep 2013 16:02:00 +0300 Subject: [PATCH] Plug memory leak in range_cmp function. B-tree operators are not allowed to leak memory into the current memory context. Range_cmp leaked detoasted copies of the arguments. That caused a quick out-of-memory error when creating an index on a range column. Reported by Marian Krucina, bug #8468. --- src/backend/utils/adt/rangetypes.c | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) diff --git a/src/backend/utils/adt/rangetypes.c b/src/backend/utils/adt/rangetypes.c index fe9e0c4bc6..4b76287e90 100644 --- a/src/backend/utils/adt/rangetypes.c +++ b/src/backend/utils/adt/rangetypes.c @@ -1120,16 +1120,22 @@ range_cmp(PG_FUNCTION_ARGS) /* For b-tree use, empty ranges sort before all else */ if (empty1 && empty2) - PG_RETURN_INT32(0); + cmp = 0; else if (empty1) - PG_RETURN_INT32(-1); + cmp = -1; else if (empty2) - PG_RETURN_INT32(1); + cmp = 1; + else + { + cmp = range_cmp_bounds(typcache, &lower1, &lower2); + if (cmp == 0) + cmp = range_cmp_bounds(typcache, &upper1, &upper2); + } - if ((cmp = range_cmp_bounds(typcache, &lower1, &lower2)) != 0) - PG_RETURN_INT32(cmp); + PG_FREE_IF_COPY(r1, 0); + PG_FREE_IF_COPY(r2, 1); - PG_RETURN_INT32(range_cmp_bounds(typcache, &upper1, &upper2)); + PG_RETURN_INT32(cmp); } /* inequality operators using the range_cmp function */ -- 2.40.0