Hi all,
I have found a potential memory leak in src/bin/pg_dump/dumputils.c in
the function generate_restrict_key().
Memory is allocated to the ret pointer if pg_strong_random returns
false, and this leads to a memory leak.
I have replaced the allocation to avoid this leak.
---
Best regards, Korotkov Maksim
PostgresPro
m.korot...@postgrespro.ru
From d776c7c5f60d3798fe529ca2f5f84e878ef6e424 Mon Sep 17 00:00:00 2001
From: Maksim Korotkov <m.korot...@postgrespro.ru>
Date: Thu, 28 Aug 2025 16:55:04 +0300
Subject: [PATCH] pg_dump: fix memory allocation
If the function pg_strong_random() return false, memory allocated to the ret pointer
is leaked.
Fixes: 71ea0d67954 ("Restrict psql meta-commands in plain-text dumps.")
Found by PostgresPro with Svace Static Analyzer.
Signed-off-by: Maksim Korotkov <m.korot...@postgrespro.ru>
---
src/bin/pg_dump/dumputils.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/bin/pg_dump/dumputils.c b/src/bin/pg_dump/dumputils.c
index 8945bdd42c5..65ac9084d91 100644
--- a/src/bin/pg_dump/dumputils.c
+++ b/src/bin/pg_dump/dumputils.c
@@ -968,11 +968,12 @@ char *
generate_restrict_key(void)
{
uint8 buf[64];
- char *ret = palloc(sizeof(buf));
+ char *ret = NULL;
if (!pg_strong_random(buf, sizeof(buf)))
return NULL;
+ ret = palloc(sizeof(buf));
for (int i = 0; i < sizeof(buf) - 1; i++)
{
uint8 idx = buf[i] % strlen(restrict_chars);
--
2.34.1
