From 8e053dc6dfbee4ae412e98ad73cfd4662d7453ac Mon Sep 17 00:00:00 2001
From: Robert Haas <rhaas@postgresql.org>
Date: Wed, 30 Mar 2022 15:53:08 -0400
Subject: [PATCH] Fix possible NULL-pointer-deference in backup_compression.c.

Per Coverity and Tom Lane. Reviewed by Tom Lane and Justin Pryzby.

Discussion: http://postgr.es/m/384291.1648403267@sss.pgh.pa.us
---
 src/common/backup_compression.c | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/src/common/backup_compression.c b/src/common/backup_compression.c
index 969e08cca2..867f2f2eb5 100644
--- a/src/common/backup_compression.c
+++ b/src/common/backup_compression.c
@@ -191,8 +191,16 @@ parse_bc_specification(bc_algorithm algorithm, char *specification,
 		if (value != NULL)
 			pfree(value);
 
-		/* If we got an error or have reached the end of the string, stop. */
-		if (result->parse_error != NULL || *kwend == '\0' || *vend == '\0')
+		/*
+		 * If we got an error or have reached the end of the string, stop.
+		 *
+		 * If there is no value, then the end of the keyword might have been
+		 * the end of the string. If there is a value, then the end of the
+		 * keyword cannot have been the end of the string, but the end of the
+		 * value might have been.
+		 */
+		if (result->parse_error != NULL ||
+			(vend == NULL ? *kwend == '\0' : *vend == '\0'))
 			break;
 
 		/* Advance to next entry and loop around. */