BUG #16953: OOB access while converting "interval" to char - Mailing list pgsql-bugs
| From | PG Bug reporting form |
|---|---|
| Subject | BUG #16953: OOB access while converting "interval" to char |
| Date | |
| Msg-id | 16953-f255a18f8c51f1d5@postgresql.org Whole thread Raw |
| Responses |
Re: BUG #16953: OOB access while converting "interval" to char
|
| List | pgsql-bugs |
The following bug has been logged on the website: Bug reference: 16953 Logged by: Theodor Arsenij Larionov-Trichkin Email address: t.larionov@postgrespro.ru PostgreSQL version: 13.2 Operating system: Ubuntu 20.04.2 LTS Description: Hello! How to reproduce: 1. mkdir -p ./installation/databases 2. git clone --single-branch --depth=1 --branch=REL_13_2 https://github.com/postgres/postgres postgres_src 3. cd postgres_src 4. ./configure --prefix=`pwd`/../installation/pgbuild 5. make -j20 && make install && cd .. 6. ./installation/pgbuild/bin/initdb -U username -D ./installation/databases/db_clean 7. ./installation/pgbuild/bin/postgres -D ./installation/databases/db_clean/ 8. ./installation/pgbuild/bin/psql -h 127.0.0.1 -p 5432 -U username postgres 9. Performing this query will result in OOB access of rm_months_lower array and as a result crash: SELECT * from TO_CHAR(interval '-1Mon', 'rm'); Output: 2021-04-07 12:07:27.060 MSK [33887] LOG: starting PostgreSQL 13.2 on x86_64-pc-linux-gnu, compiled by gcc (Ubuntu 9.3.0-17ubuntu1~20.04) 9.3.0, 64-bit 2021-04-07 12:07:27.060 MSK [33887] LOG: listening on IPv4 address "127.0.0.1", port 5432 2021-04-07 12:07:27.065 MSK [33887] LOG: listening on Unix socket "/tmp/.s.PGSQL.5432" 2021-04-07 12:07:27.069 MSK [33888] LOG: database system was shut down at 2021-04-07 12:07:22 MSK 2021-04-07 12:07:27.071 MSK [33887] LOG: database system is ready to accept connections 2021-04-07 12:08:01.013 MSK [33887] LOG: server process (PID 34113) was terminated by signal 11: Segmentation fault 2021-04-07 12:08:01.013 MSK [33887] DETAIL: Failed process was running: SELECT * from TO_CHAR(interval '-1Mon', 'rm'); 2021-04-07 12:08:01.013 MSK [33887] LOG: terminating any other active server processes 2021-04-07 12:08:01.013 MSK [33892] WARNING: terminating connection because of crash of another server process 2021-04-07 12:08:01.013 MSK [33892] DETAIL: The postmaster has commanded this server process to roll back the current transaction and exit, because another server process exited abnormally and possibly corrupted shared memory. 2021-04-07 12:08:01.013 MSK [33892] HINT: In a moment you should be able to reconnect to the database and repeat your command. 2021-04-07 12:08:01.013 MSK [35036] FATAL: the database system is in recovery mode 2021-04-07 12:08:01.014 MSK [33887] LOG: all server processes terminated; reinitializing 2021-04-07 12:08:01.027 MSK [35038] LOG: database system was interrupted; last known up at 2021-04-07 12:07:27 MSK 2021-04-07 12:08:01.248 MSK [35038] LOG: database system was not properly shut down; automatic recovery in progress 2021-04-07 12:08:01.249 MSK [35038] LOG: redo starts at 0/1559798 2021-04-07 12:08:01.249 MSK [35038] LOG: invalid record length at 0/15597D0: wanted 24, got 0 2021-04-07 12:08:01.249 MSK [35038] LOG: redo done at 0/1559798 2021-04-07 12:08:01.256 MSK [33887] LOG: database system is ready to accept connections Postgres version: PostgreSQL 13.2 on x86_64-pc-linux-gnu, compiled by gcc (Ubuntu 9.3.0-17ubuntu1~20.04) 9.3.0, 64-bit
pgsql-bugs by date: