Don't leave pg_hba and pg_ident data lying around in running backends.

Free the contexts holding this data after we're done using it, by the expedient of attaching them to the PostmasterContext which we were already taking care to delete (and where, indeed, this data used to live before commits e5e2fc842c and 7c45e3a3c6). This saves a probably-usually-negligible amount of space per running backend. It also avoids leaving potentially-security-sensitive data lying around in memory in processes that don't need it. You'd have to be unusually paranoid to think that that amounts to a live security bug, so I've not gone so far as to forcibly zero the memory; but there surely isn't a good reason to keep this data around. Arguably this is a memory management bug in the aforementioned commits, but it doesn't seem important enough to back-patch.
2015-07-01 18:55:39 -04:00 · 2015-07-01 18:55:39 -04:00 · 1e24cf645d
parent d7c19d6855
commit 1e24cf645d
2 changed files with 18 additions and 3 deletions
--- a/src/backend/libpq/hba.c
+++ b/src/backend/libpq/hba.c
@ -386,7 +386,7 @@ tokenize_file(const char *filename, FILE *file,
 	MemoryContext linecxt;
 	MemoryContext oldcxt;

-	linecxt = AllocSetContextCreate(TopMemoryContext,
+	linecxt = AllocSetContextCreate(CurrentMemoryContext,
 									"tokenize file cxt",
 									ALLOCSET_DEFAULT_MINSIZE,
 									ALLOCSET_DEFAULT_INITSIZE,
@ -1770,7 +1770,8 @@ load_hba(void)
 	FreeFile(file);

 	/* Now parse all the lines */
-	hbacxt = AllocSetContextCreate(TopMemoryContext,
+	Assert(PostmasterContext);
+	hbacxt = AllocSetContextCreate(PostmasterContext,
 								   "hba parser context",
 								   ALLOCSET_DEFAULT_MINSIZE,
 								   ALLOCSET_DEFAULT_MINSIZE,
@ -2147,7 +2148,8 @@ load_ident(void)
 	FreeFile(file);

 	/* Now parse all the lines */
-	ident_context = AllocSetContextCreate(TopMemoryContext,
+	Assert(PostmasterContext);
+	ident_context = AllocSetContextCreate(PostmasterContext,
 										  "ident parser context",
 										  ALLOCSET_DEFAULT_MINSIZE,
 										  ALLOCSET_DEFAULT_MINSIZE,
--- a/src/backend/utils/init/postinit.c
+++ b/src/backend/utils/init/postinit.c
@ -52,6 +52,7 @@
 #include "utils/acl.h"
 #include "utils/fmgroids.h"
 #include "utils/guc.h"
+#include "utils/memutils.h"
 #include "utils/pg_locale.h"
 #include "utils/portal.h"
 #include "utils/ps_status.h"
@ -190,6 +191,18 @@ PerformAuthentication(Port *port)
 	 * FIXME: [fork/exec] Ugh.  Is there a way around this overhead?
 	 */
 #ifdef EXEC_BACKEND
+	/*
+	 * load_hba() and load_ident() want to work within the PostmasterContext,
+	 * so create that if it doesn't exist (which it won't).  We'll delete it
+	 * again later, in PostgresMain.
+	 */
+	if (PostmasterContext == NULL)
+		PostmasterContext = AllocSetContextCreate(TopMemoryContext,
+												  "Postmaster",
+												  ALLOCSET_DEFAULT_MINSIZE,
+												  ALLOCSET_DEFAULT_INITSIZE,
+												  ALLOCSET_DEFAULT_MAXSIZE);
+
 	if (!load_hba())
 	{
 		/*