On 3/2/26 4:18 AM, Michael Paquier wrote:
On Sun, Mar 01, 2026 at 06:10:10PM +0100, Joel Jacobson wrote:
The allocations in src/backend/commands/explain_state.c
used sizeof(char *) instead of sizeof(ExplainExtensionOption),
which could cause a crash if an extension would register
more than 8 extension EXPLAIN options:
Indeed, that's wrong as-is. The problem can be reproduced simply by
saving more options into pg_overexplain, as well, leading to the same
memory chunk issues. Will fix, thanks for the report.
Shouldn't the patch have used repalloc_array()? If the code had done so
in the first place the bug would never have happened.
--
Andreas Karlsson
Percona
