[postgis-tickets] [PostGIS] #4017: lwgeom lexer memory corruption
PostGIS
trac at osgeo.org
Mon Feb 12 17:54:21 PST 2018
#4017: lwgeom lexer memory corruption
-----------------------+---------------------------
Reporter: petere | Owner: strk
Type: defect | Status: new
Priority: high | Milestone: PostGIS 2.5.0
Component: liblwgeom | Version: trunk
Keywords: |
-----------------------+---------------------------
We have experienced frequent crashes in PostGIS, with backtraces pointing
to memory corruption in the lwgeom lexer. I believe the attached patch
fixes the problem. We have had it running for about a week without
crashes, where before, they were quite frequent.
The problem is that if a query is aborted while the lexer is running
(e.g., statement timeout), the memory belonging to the internal lexer
state is cleaned up by PostgreSQL, but the flex code thinks it's still
there, so it will crash the next time the lexer runs. The fix is to
reinitialize the flex globals before each run. (The same problem once
existed in the core PostgreSQL code.)
The problem was observed in version 2.2, but the same code exists in trunk
as well. I suggest the fix could be backpatched.
(You should regenerate the .c files using your preferred flex version.)
--
Ticket URL: <https://trac.osgeo.org/postgis/ticket/4017>
PostGIS <http://trac.osgeo.org/postgis/>
The PostGIS Trac is used for bug, enhancement & task tracking, a user and developer wiki, and a view into the subversion code repository of PostGIS project.
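
The failure mode described in the ticket, reduced to a self-contained C model (an added example, not the attached patch and not PostGIS or flex code). `arena`, `ctx_alloc`, `ctx_reset`, `lex_state` and `lex_run` are hypothetical stand-ins for a PostgreSQL memory context and the scanner's static state, and `longjmp` stands in for the query abort.

```c
#include <setjmp.h>
#include <stddef.h>

/* Constructed stand-in for a PostgreSQL memory context that is reset on abort. */
static long arena[32];
static size_t arena_used;
static long *ctx_alloc(void) { return &arena[arena_used++]; }
static void ctx_reset(void) { arena_used = 0; }

/* Stand-in for the scanner's file-scope state: a static pointer into context memory. */
static long *lex_state;
static jmp_buf on_abort;

/* Count space-separated tokens; abort_after > 0 simulates a statement timeout. */
static long lex_run(const char *s, int reinit, long abort_after)
{
    if (reinit)
        lex_state = NULL;            /* the fix: drop state left by an earlier run */
    if (lex_state == NULL)           /* lazy init: "is my state already set up?" */
        lex_state = ctx_alloc();
    *lex_state = 0;                  /* without reinit this may write to reused memory */
    for (; *s; s++) {
        if (*s != ' ' && (s[1] == ' ' || s[1] == '\0')) {
            ++*lex_state;
            if (*lex_state == abort_after)
                longjmp(on_abort, 1);   /* the cleanup below is skipped */
        }
    }
    long n = *lex_state;
    lex_state = NULL;                /* normal end-of-run cleanup */
    return n;
}

/* Abort one run, reset the context, let an unrelated allocation reuse the
 * memory, then lex again. Returns 1 if the unrelated value survived intact. */
static int survives_abort(int reinit)
{
    ctx_reset();
    lex_state = NULL;
    if (setjmp(on_abort) == 0)
        lex_run("POINT ( 1 2 )", reinit, 2);   /* aborted after the 2nd token */
    ctx_reset();                               /* context released on abort */
    long *other = ctx_alloc();                 /* unrelated data, same memory */
    *other = 0x5AFE;
    long n = lex_run("POINT ( 3 4 )", reinit, 0);
    return n == 5 && *other == 0x5AFE;
}

int main(void) { return !(survives_abort(0) == 0 && survives_abort(1) == 1); }
```

The model resets a static array instead of freeing heap memory, so the stale write shows up as a clobbered value rather than a crash.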