Re: Plug minor memleak in pg_dump

Hi,

I noticed a minor memleak in pg_dump. ReadStr() returns a malloc'ed pointer which
should then be freed. While reading the Table of Contents, it was called as an argument
within a function call, leading to a memleak.

Please accept the attached as a proposed fix.

Cheers,

//Georgios

On Tue, Feb 1, 2022 at 7:06 PM <gkokolatos(at)pm(dot)me> wrote:
>
> Hi,
>
> I noticed a minor memleak in pg_dump. ReadStr() returns a malloc'ed pointer which
> should then be freed. While reading the Table of Contents, it was called as an argument
> within a function call, leading to a memleak.
>
> Please accept the attached as a proposed fix.

+1. IMO, having "restoring tables WITH OIDS is not supported anymore"
twice doesn't look good, how about as shown in [1]?

[1]
diff --git a/src/bin/pg_dump/pg_backup_archiver.c
b/src/bin/pg_dump/pg_backup_archiver.c
index 49bf0907cd..777ff6fcfe 100644
--- a/src/bin/pg_dump/pg_backup_archiver.c
+++ b/src/bin/pg_dump/pg_backup_archiver.c
@@ -2494,6 +2494,7 @@ ReadToc(ArchiveHandle *AH)
int depIdx;
int depSize;
TocEntry *te;
+ bool is_supported = true;

AH->tocCount = ReadInt(AH);
AH->maxDumpId = 0;
@@ -2574,7 +2575,20 @@ ReadToc(ArchiveHandle *AH)
te->tableam = ReadStr(AH);

te->owner = ReadStr(AH);
- if (AH->version < K_VERS_1_9 || strcmp(ReadStr(AH),
"true") == 0)
+
+ if (AH->version < K_VERS_1_9)
+ is_supported = false;
+ else
+ {
+ tmp = ReadStr(AH);
+
+ if (strcmp(tmp, "true") == 0)
+ is_supported = false;
+
+ pg_free(tmp);
+ }
+
+ if (!is_supported)
pg_log_warning("restoring tables WITH OIDS is
not supported anymore");

/* Read TOC entry dependencies */

Regards,
Bharath Rupireddy.

At Tue, 1 Feb 2022 19:48:01 +0530, Bharath Rupireddy <bharath(dot)rupireddyforpostgres(at)gmail(dot)com> wrote in
> On Tue, Feb 1, 2022 at 7:06 PM <gkokolatos(at)pm(dot)me> wrote:
> >
> > Hi,
> >
> > I noticed a minor memleak in pg_dump. ReadStr() returns a malloc'ed pointer which
> > should then be freed. While reading the Table of Contents, it was called as an argument
> > within a function call, leading to a memleak.
> >
> > Please accept the attached as a proposed fix.

It is freed in other temporary use of the result of ReadStr(). So
freeing it sounds sensible at a glance.

> +1. IMO, having "restoring tables WITH OIDS is not supported anymore"
> twice doesn't look good, how about as shown in [1]?

Maybe [2] is smaller :)

--- a/src/bin/pg_dump/pg_backup_archiver.c
+++ b/src/bin/pg_dump/pg_backup_archiver.c
@@ -2494,6 +2494,7 @@ ReadToc(ArchiveHandle *AH)
int depIdx;
int depSize;
TocEntry *te;
+ char *tmpstr = NULL;

AH->tocCount = ReadInt(AH);
AH->maxDumpId = 0;
@@ -2574,8 +2575,14 @@ ReadToc(ArchiveHandle *AH)
te->tableam = ReadStr(AH);

te->owner = ReadStr(AH);
- if (AH->version < K_VERS_1_9 || strcmp(ReadStr(AH), "true") == 0)
+ if (AH->version < K_VERS_1_9 ||
+ strcmp((tmpstr = ReadStr(AH)), "true") == 0)
pg_log_warning("restoring tables WITH OIDS is not supported anymore");
+ if (tmpstr)
+ {
+ pg_free(tmpstr);
+ tmpstr = NULL;
+ }

/* Read TOC entry dependencies */

Thus.. I came to doubt of its worthiness to the complexity. The
amount of the leak is (perhaps) negligible.

So, I would just write a comment there.

+++ b/src/bin/pg_dump/pg_backup_archiver.c
@@ -2574,6 +2574,8 @@ ReadToc(ArchiveHandle *AH)
te->tableam = ReadStr(AH);

te->owner = ReadStr(AH);
+
+ /* deliberately leak the result of ReadStr for simplicity */
if (AH->version < K_VERS_1_9 || strcmp(ReadStr(AH), "true") == 0)
pg_log_warning("restoring tables WITH OIDS is not supported anymore");

regards.

--
Kyotaro Horiguchi
NTT Open Source Software Center

> On 2 Feb 2022, at 09:29, Kyotaro Horiguchi <horikyota(dot)ntt(at)gmail(dot)com> wrote:
>
> At Tue, 1 Feb 2022 19:48:01 +0530, Bharath Rupireddy <bharath(dot)rupireddyforpostgres(at)gmail(dot)com> wrote in
>> On Tue, Feb 1, 2022 at 7:06 PM <gkokolatos(at)pm(dot)me> wrote:
>>>
>>> Hi,
>>>
>>> I noticed a minor memleak in pg_dump. ReadStr() returns a malloc'ed pointer which
>>> should then be freed. While reading the Table of Contents, it was called as an argument
>>> within a function call, leading to a memleak.
>>>
>>> Please accept the attached as a proposed fix.
>
> It is freed in other temporary use of the result of ReadStr(). So
> freeing it sounds sensible at a glance.
>
>> +1. IMO, having "restoring tables WITH OIDS is not supported anymore"
>> twice doesn't look good, how about as shown in [1]?
>
> Maybe [2] is smaller :)

It is smaller, but I think Bharath's version wins in terms of readability.

> Thus.. I came to doubt of its worthiness to the complexity. The
> amount of the leak is (perhaps) negligible.
>
> So, I would just write a comment there.

The leak itself is clearly not something to worry about wrt memory pressure.
We do read into tmp and free it in other places in the same function though (as
you note above), so for code consistency alone this is worth doing IMO (and it
reduces the risk of static analyzers flagging this).

Unless objected to I will go ahead with getting this committed.

--
Daniel Gustafsson https://vmware.com/

On Wed, Feb 02, 2022 at 10:06:13AM +0100, Daniel Gustafsson wrote:
> The leak itself is clearly not something to worry about wrt memory pressure.
> We do read into tmp and free it in other places in the same function though (as
> you note above), so for code consistency alone this is worth doing IMO (and it
> reduces the risk of static analyzers flagging this).
>
> Unless objected to I will go ahead with getting this committed.

Looks like you forgot to apply that?
--
Michael

On Wed, Feb 9, 2022 at 8:26 AM Michael Paquier <michael(at)paquier(dot)xyz> wrote:
>
> On Wed, Feb 02, 2022 at 10:06:13AM +0100, Daniel Gustafsson wrote:
> > The leak itself is clearly not something to worry about wrt memory pressure.
> > We do read into tmp and free it in other places in the same function though (as
> > you note above), so for code consistency alone this is worth doing IMO (and it
> > reduces the risk of static analyzers flagging this).
> >
> > Unless objected to I will go ahead with getting this committed.
>
> Looks like you forgot to apply that?

Attaching the patch that I suggested above, also the original patch
proposed by Georgios is at [1], leaving the decision to the committer
to pick up the best one.

[1] /message-id/oZwKiUxFsVaetG2xOJp7Hwao8F1AKIdfFDQLNJrnwoaxmjyB-45r_aYmhgXHKLcMI3GT24m9L6HafSi2ns7WFxXe0mw2_tIJpD-Z3vb_eyI%3D%40pm.me

Regards,
Bharath Rupireddy.

> On 9 Feb 2022, at 03:56, Michael Paquier <michael(at)paquier(dot)xyz> wrote:
>
> On Wed, Feb 02, 2022 at 10:06:13AM +0100, Daniel Gustafsson wrote:
>> The leak itself is clearly not something to worry about wrt memory pressure.
>> We do read into tmp and free it in other places in the same function though (as
>> you note above), so for code consistency alone this is worth doing IMO (and it
>> reduces the risk of static analyzers flagging this).
>>
>> Unless objected to I will go ahead with getting this committed.
>
> Looks like you forgot to apply that?

No, but I was distracted by other things leaving this on the TODO list. It's
been pushed now.

--
Daniel Gustafsson https://vmware.com/