mirror/postgresql
2
0
Fork 0
mirror of https://git.postgresql.org/git/postgresql.git synced 2024-12-15 08:20:16 +08:00
Code Issues Packages Projects Releases Wiki Activity

Fix snapshot leak if lo_open called on non-existent object.

Browse Source 
lo_open registers the currently active snapshot, and checks if the
large object exists after that. Normally, snapshots registered by lo_open
are unregistered at end of transaction when the lo descriptor is closed, but
if we error out before the lo descriptor is added to the list of open
descriptors, it is leaked. Fix by moving the snapshot registration to after
checking if the large object exists.

Reported by Pavel Stehule. Backpatch to 8.4. The snapshot registration
system was introduced in 8.4, so prior versions are not affected (and not
supported, anyway).
This commit is contained in:
Heikki Linnakangas 2013-09-30 11:29:09 +03:00
parent 514b3194e8
commit 357f752138
1 changed files with 26 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

44
src/backend/storage/large_object/inv_api.c
View File

@ -240,29 +240,18 @@ LargeObjectDesc *
inv_open(Oid lobjId, int flags, MemoryContext mcxt) inv_open(Oid lobjId, int flags, MemoryContext mcxt)
{ {
LargeObjectDesc *retval; LargeObjectDesc *retval;
Snapshot snapshot = NULL;
retval = (LargeObjectDesc *) MemoryContextAlloc(mcxt, int descflags = 0;
sizeof(LargeObjectDesc));
retval->id = lobjId;
retval->subid = GetCurrentSubTransactionId();
retval->offset = 0;
if (flags & INV_WRITE) if (flags & INV_WRITE)
{ {
retval->snapshot = NULL; /* instantaneous MVCC snapshot */ snapshot = NULL; /* instantaneous MVCC snapshot */
retval->flags = IFS_WRLOCK | IFS_RDLOCK; descflags = IFS_WRLOCK | IFS_RDLOCK;
} }
else if (flags & INV_READ) else if (flags & INV_READ)
{ {
/* snapshot = GetActiveSnapshot();
* We must register the snapshot in TopTransaction's resowner, because descflags = IFS_RDLOCK;
* it must stay alive until the LO is closed rather than until the
* current portal shuts down.
*/
retval->snapshot = RegisterSnapshotOnOwner(GetActiveSnapshot(),
TopTransactionResourceOwner);
retval->flags = IFS_RDLOCK;
} }
else else
ereport(ERROR, ereport(ERROR,
@ -271,11 +260,30 @@ inv_open(Oid lobjId, int flags, MemoryContext mcxt)
flags))); flags)));
/* Can't use LargeObjectExists here because we need to specify snapshot */ /* Can't use LargeObjectExists here because we need to specify snapshot */
if (!myLargeObjectExists(lobjId, retval->snapshot)) if (!myLargeObjectExists(lobjId, snapshot))
ereport(ERROR, ereport(ERROR,
(errcode(ERRCODE_UNDEFINED_OBJECT), (errcode(ERRCODE_UNDEFINED_OBJECT),
errmsg("large object %u does not exist", lobjId))); errmsg("large object %u does not exist", lobjId)));
/*
* We must register the snapshot in TopTransaction's resowner, because
* it must stay alive until the LO is closed rather than until the
* current portal shuts down. Do this after checking that the LO exists,
* to avoid leaking the snapshot if an error is thrown.
*/
if (snapshot)
snapshot = RegisterSnapshotOnOwner(snapshot,
TopTransactionResourceOwner);
/* All set, create a descriptor */
retval = (LargeObjectDesc *) MemoryContextAlloc(mcxt,
sizeof(LargeObjectDesc));
retval->id = lobjId;
retval->subid = GetCurrentSubTransactionId();
retval->offset = 0;
retval->snapshot = snapshot;
retval->flags = descflags;
return retval; return retval;
} }