Discussion: BUG #16188: The usage of NULL pointer in rege_dfa.c
The following bug has been logged on the website:

Bug reference: 16188
Logged by: Jian Zhang
Email address: starbugs@qq.com
PostgreSQL version: 12.1
Operating system: Linux
Description:

We checked the code in file "rege_dfa.c" and there is one error occurring in line 481. This error is caused by the usage of pointer with NULL value. The code in this line is "d->work = &d->statesarea[nss * wordsper];". We checked the code two lines before the error occurred line and the code is "d->statesarea = (unsigned *) MALLOC((nss + WORK) * wordsper * sizeof(unsigned));". We found the code hasn't checked whether the process "MALLOC" is successful or not, which directly defines the value of the "statesarea" field of pointer "d". This "statesarea" field of pointer "d" is used later in line 481. The program should check the effectiveness of the return value of function "MALLOC" to avoid this error.
PG Bug reporting form <noreply@postgresql.org> writes:
> We checked the code in file "rege_dfa.c" and there is one error occurring in
> line 481. This error is caused by the usage of pointer with NULL value. The
> code in this line is "d->work = &d->statesarea[nss * wordsper];" We checked
> the code two lines before the error occurred line and the code is
> "d->statesarea = (unsigned *) MALLOC((nss + WORK) * wordsper
> *sizeof(unsigned));". We found the code hasn't checked whether the process
> "MALLOC" is successful or not which directly defines the value of the
> "statesarea" field of pointer "d".

I don't see any bug there. If the malloc for statesarea fails, the code will exit a few lines further down, without ever having dereferenced d->work. So whether d->work is a valid pointer or not is irrelevant.

regards, tom lane
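The allocation pattern under discussion, as an added example that is not PostgreSQL's code: a stand-in `struct dfa`, a `dfa_malloc` hook that can simulate allocation failure, and an allocator that checks the `statesarea` result before forming the derived `work` pointer. The struct, function and macro names are assumptions for this illustration. The reply above is right that the failure path never dereferences `d->work`; the ordering shown here additionally avoids forming `&NULL[i]`, which ISO C leaves undefined even without a dereference.

```c
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

/* Allocator hook so a test can simulate out-of-memory without touching
 * the real heap (constructed for this example; not PostgreSQL's MALLOC). */
static int fail_next_malloc = 0;

static void *dfa_malloc(size_t n)
{
    if (fail_next_malloc) {
        fail_next_malloc = 0;
        return NULL;
    }
    return malloc(n);
}

/* Minimal stand-in for the DFA fields named in the bug report. */
struct dfa {
    unsigned *statesarea;   /* nss state bitvectors followed by WORK scratch vectors */
    unsigned *work;         /* first scratch vector, located after the states */
    int nstates;
    int wordsper;
};

#define WORK 1              /* number of scratch bitvectors (assumed value) */

/* Returns 0 on success, -1 on allocation failure. The NULL check happens
 * before any pointer is derived from statesarea, so neither the derived
 * pointer nor the memset ever sees a NULL base. */
int dfa_alloc_states(struct dfa *d, int nss, int wordsper)
{
    size_t bytes = (size_t)(nss + WORK) * (size_t)wordsper * sizeof(unsigned);

    d->nstates = nss;
    d->wordsper = wordsper;
    d->statesarea = (unsigned *) dfa_malloc(bytes);
    if (d->statesarea == NULL) {
        d->work = NULL;     /* leave the struct consistent for the caller */
        return -1;
    }
    d->work = &d->statesarea[nss * wordsper];   /* scratch area after the states */
    memset(d->statesarea, 0, bytes);
    return 0;
}

void dfa_free_states(struct dfa *d)
{
    free(d->statesarea);
    d->statesarea = NULL;
    d->work = NULL;
}
```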