From 79048ca1a4bb5dd14a088367bbe8c7d877844ea3 Mon Sep 17 00:00:00 2001 From: Tom Lane Date: Fri, 31 Aug 2007 02:26:29 +0000 Subject: [PATCH] Install check_stack_depth() protection in two recursive tsquery processing routines. Per Heikki. --- src/backend/utils/adt/tsquery.c | 11 +++++++++-- src/backend/utils/adt/tsvector_op.c | 11 ++++++++--- 2 files changed, 17 insertions(+), 5 deletions(-) diff --git a/src/backend/utils/adt/tsquery.c b/src/backend/utils/adt/tsquery.c index 1f8abb3298..83759728ff 100644 --- a/src/backend/utils/adt/tsquery.c +++ b/src/backend/utils/adt/tsquery.c @@ -7,7 +7,7 @@ * * * IDENTIFICATION - * $PostgreSQL: pgsql/src/backend/utils/adt/tsquery.c,v 1.1 2007/08/21 01:11:19 tgl Exp $ + * $PostgreSQL: pgsql/src/backend/utils/adt/tsquery.c,v 1.2 2007/08/31 02:26:29 tgl Exp $ * *------------------------------------------------------------------------- */ @@ -15,12 +15,14 @@ #include "postgres.h" #include "libpq/pqformat.h" +#include "miscadmin.h" #include "tsearch/ts_locale.h" #include "tsearch/ts_type.h" #include "tsearch/ts_utils.h" #include "utils/memutils.h" #include "utils/pg_crc.h" + /* parser's states */ #define WAITOPERAND 1 #define WAITOPERATOR 2 @@ -234,11 +236,13 @@ pushval_asis(TSQueryParserState * state, int type, char *strval, int lenval, int } #define STACKDEPTH 32 + /* * make polish notation of query */ static int4 -makepol(TSQueryParserState * state, void (*pushval) (TSQueryParserState *, int, char *, int, int2)) +makepol(TSQueryParserState * state, + void (*pushval) (TSQueryParserState *, int, char *, int, int2)) { int4 val = 0, type; @@ -248,6 +252,9 @@ makepol(TSQueryParserState * state, void (*pushval) (TSQueryParserState *, int, int4 lenstack = 0; int2 weight = 0; + /* since this function recurses, it could be driven to stack overflow */ + check_stack_depth(); + while ((type = gettoken_query(state, &val, &lenval, &strval, &weight)) != END) { switch (type) diff --git a/src/backend/utils/adt/tsvector_op.c b/src/backend/utils/adt/tsvector_op.c index 341247bec7..8567172c64 100644 --- a/src/backend/utils/adt/tsvector_op.c +++ b/src/backend/utils/adt/tsvector_op.c @@ -7,7 +7,7 @@ * * * IDENTIFICATION - * $PostgreSQL: pgsql/src/backend/utils/adt/tsvector_op.c,v 1.1 2007/08/21 01:11:19 tgl Exp $ + * $PostgreSQL: pgsql/src/backend/utils/adt/tsvector_op.c,v 1.2 2007/08/31 02:26:29 tgl Exp $ * *------------------------------------------------------------------------- */ @@ -19,6 +19,7 @@ #include "executor/spi.h" #include "funcapi.h" #include "mb/pg_wchar.h" +#include "miscadmin.h" #include "tsearch/ts_type.h" #include "tsearch/ts_utils.h" #include "utils/builtins.h" @@ -525,14 +526,18 @@ checkcondition_str(void *checkval, QueryItem * val) * check for boolean condition */ bool -TS_execute(QueryItem * curitem, void *checkval, bool calcnot, bool (*chkcond) (void *checkval, QueryItem * val)) +TS_execute(QueryItem * curitem, void *checkval, bool calcnot, + bool (*chkcond) (void *checkval, QueryItem * val)) { + /* since this function recurses, it could be driven to stack overflow */ + check_stack_depth(); + if (curitem->type == VAL) return chkcond(checkval, curitem); else if (curitem->val == (int4) '!') { return (calcnot) ? - ((TS_execute(curitem + 1, checkval, calcnot, chkcond)) ? false : true) + !TS_execute(curitem + 1, checkval, calcnot, chkcond) : true; } else if (curitem->val == (int4) '&')