From 8b1bf3161b360003182997b4e258b8fac78c3bdf Mon Sep 17 00:00:00 2001 From: Stephen Frost Date: Fri, 6 Jan 2017 15:27:50 -0500 Subject: [PATCH] Protect against NULL-dereference in pg_dump findTableByOid() is allowed to return NULL and we should therefore be checking for that case. getOwnedSeqs() and dumpSequence() shouldn't ever actually see this happen, but given odd circumstances it might and commit f9e439b1 probably shouldn't have removed that check. Pointed out by Coverity. Initial patch from Michael Paquier. Back-patch to 9.6, where that commit had removed the check. --- src/bin/pg_dump/pg_dump.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/src/bin/pg_dump/pg_dump.c b/src/bin/pg_dump/pg_dump.c index 6b2a6c939b..c3ca047463 100644 --- a/src/bin/pg_dump/pg_dump.c +++ b/src/bin/pg_dump/pg_dump.c @@ -6089,6 +6089,9 @@ getOwnedSeqs(Archive *fout, TableInfo tblinfo[], int numTables) continue; /* not an owned sequence */ owning_tab = findTableByOid(seqinfo->owning_tab); + if (owning_tab == NULL) + exit_horribly(NULL, "failed sanity check, parent table OID %u of sequence OID %u not found\n", + seqinfo->owning_tab, seqinfo->dobj.catId.oid); /* * We need to dump the components that are being dumped for the table @@ -16537,7 +16540,11 @@ dumpSequence(Archive *fout, TableInfo *tbinfo) { TableInfo *owning_tab = findTableByOid(tbinfo->owning_tab); - if (owning_tab && owning_tab->dobj.dump & DUMP_COMPONENT_DEFINITION) + if (owning_tab == NULL) + exit_horribly(NULL, "failed sanity check, parent table OID %u of sequence OID %u not found\n", + tbinfo->owning_tab, tbinfo->dobj.catId.oid); + + if (owning_tab->dobj.dump & DUMP_COMPONENT_DEFINITION) { resetPQExpBuffer(query); appendPQExpBuffer(query, "ALTER SEQUENCE %s",