Fix some incorrect memory handling

While running TimescaleDB under valgrind I've found two cases of incorrect memory handling. Case 1: When creating timescaledb extension, during the insertion of metadata there is some junk in memory that is not zeroed before writing there. Changes in metadata.c fix this. Case 2: When executing GRANT smth ON ALL TABLES IN SCHEMA some_schema and deconstructing this statement into granting to individual tables, process of copying names of those tables is wrong. Currently, you aren't copying the data itself, but an address to data on a page in some buffer. There's a problem - when the page in this buffer changes, copied address would lead to wrong data. Changes in process_utility.c fix this by allocating memory and then copying needed relname there. Fixes #5311
timescale · Feb 20, 2023 · f426122 · f426122
1 parent ce85546
commit f426122
Show file tree

Hide file tree

Showing 3 changed files with 9 additions and 4 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -19,9 +19,13 @@ accidentally triggering the load of a previous DB version.**
 * #5218 Add role-level security to job error log
 * #5214 Fix use of prepared statement in async module
 * #5290 Compression can't be enabled on continuous aggregates when segmentby/orderby columns need quotation
+* #5311 Fix incorrect memory handling when working with names
 * #5239 Fix next_start calculation for fixed schedules
 * #5336 Use NameData and namestrcpy for names
 
+**Thanks**
+* @Medvecrab for reporting incorrect memory handling when working with names
+
 ## 2.9.3 (2023-02-03)
 
 This release contains bug fixes since the 2.9.2 release.

diff --git a/src/process_utility.c b/src/process_utility.c
@@ -1505,7 +1505,8 @@ process_relations_in_namespace(GrantStmt *stmt, Name schema_name, Oid namespaceI
 
 	while ((tuple = heap_getnext(scan, ForwardScanDirection)) != NULL)
 	{
-		Name relname = &((Form_pg_class) GETSTRUCT(tuple))->relname;
+		Name relname = palloc(NAMEDATALEN);
+		namestrcpy(relname, NameStr(((Form_pg_class) GETSTRUCT(tuple))->relname));
 
 		/* these are being added for the first time into this list */
 		process_grant_add_by_name(stmt, false, schema_name, relname);

diff --git a/src/ts_catalog/metadata.c b/src/ts_catalog/metadata.c
@@ -141,7 +141,7 @@ ts_metadata_insert(const char *metadata_key, Datum metadata_value, Oid type,
 	bool isnull = false;
 	Catalog *catalog = ts_catalog_get();
 	Relation rel;
-	char key_data[NAMEDATALEN];
+	NameData key_data;
 
 	rel = table_open(catalog_get_table_id(catalog, METADATA), ShareRowExclusiveLock);
 
@@ -157,10 +157,10 @@ ts_metadata_insert(const char *metadata_key, Datum metadata_value, Oid type,
 
 	/* We have to copy the key here because heap_form_tuple will copy NAMEDATALEN
 	 * into the tuple instead of checking length. */
-	strlcpy(key_data, metadata_key, NAMEDATALEN);
+	namestrcpy(&key_data, metadata_key);
 
 	/* Insert into the catalog table for persistence */
-	values[AttrNumberGetAttrOffset(Anum_metadata_key)] = CStringGetDatum(key_data);
+	values[AttrNumberGetAttrOffset(Anum_metadata_key)] = NameGetDatum(&key_data);
 	values[AttrNumberGetAttrOffset(Anum_metadata_value)] =
 		convert_type_to_text(metadata_value, type);
 	values[AttrNumberGetAttrOffset(Anum_metadata_include_in_telemetry)] =