Fix potentially clobbered variables in PG_TRY/PG_CATCH blocks (#43)

Some local variables may have an undefined value after longjmp, which can lead to undefined behavior. This patch adds volatile to such variables based on a compiler warning. Fix a potential memory leak related to creating a hashmap inside a try/catch block. Add a compiler flag for throwing error related to clobbering variables. Ticket: ADBDEV-6616
arenadata · Nov 13, 2024 · 767d498 · 767d498
1 parent 7190d48
commit 767d498
Show file tree

Hide file tree

Showing 5 changed files with 21 additions and 21 deletions.
diff --git a/CMakeLists.txt b/CMakeLists.txt
@@ -35,7 +35,7 @@ if (APPLE)
     set(CMAKE_MODULE_LINKER_FLAGS "${CMAKE_MODULE_LINKER_FLAGS} -bundle_loader ${PG_BIN_DIR}/postgres")
 endif()
 # set c and ld flags for all projects
-set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${PG_C_FLAGS}")
+set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Werror=clobbered ${PG_C_FLAGS}")
 
 # generate version
 if(NOT DEFINED DISKQUOTA_VERSION)

diff --git a/src/diskquota.c b/src/diskquota.c
@@ -958,10 +958,10 @@ disk_quota_launcher_main(Datum main_arg)
 static void
 create_monitor_db_table(void)
 {
-	const char *sql;
-	bool        connected_in_this_function = false;
-	bool        pushed_active_snap         = false;
-	bool        ret                        = true;
+	const char   *sql;
+	volatile bool connected_in_this_function = false;
+	volatile bool pushed_active_snap         = false;
+	volatile bool ret                        = true;
 
 	/*
 	 * Create function diskquota.diskquota_fetch_table_stat in launcher
@@ -1167,9 +1167,9 @@ process_extension_ddl_message()
 static void
 do_process_extension_ddl_message(MessageResult *code, ExtensionDDLMessage local_extension_ddl_message)
 {
-	int  old_num_db         = num_db;
-	bool pushed_active_snap = false;
-	bool ret                = true;
+	int           old_num_db         = num_db;
+	volatile bool pushed_active_snap = false;
+	volatile bool ret                = true;
 
 	StartTransactionCommand();
 

diff --git a/src/diskquota_utility.c b/src/diskquota_utility.c
@@ -1430,9 +1430,9 @@ relation_size_local(PG_FUNCTION_ARGS)
 Relation
 diskquota_relation_open(Oid relid)
 {
-	Relation rel;
-	bool     success_open               = false;
-	int32    SavedInterruptHoldoffCount = InterruptHoldoffCount;
+	volatile Relation rel;
+	volatile bool     success_open               = false;
+	int32             SavedInterruptHoldoffCount = InterruptHoldoffCount;
 
 	PG_TRY();
 	{

diff --git a/src/enforcement.c b/src/enforcement.c
@@ -44,7 +44,7 @@ init_disk_quota_enforcement(void)
 static bool
 quota_check_ExecCheckRTPerms(List *rangeTable, bool ereport_on_violation)
 {
-	ListCell *l;
+	ListCell *volatile l;
 
 	foreach (l, rangeTable)
 	{

diff --git a/src/quotamodel.c b/src/quotamodel.c
@@ -687,9 +687,9 @@ vacuum_disk_quota_model(uint32 id)
 bool
 check_diskquota_state_is_ready(void)
 {
-	bool is_ready           = false;
-	bool pushed_active_snap = false;
-	bool ret                = true;
+	volatile bool is_ready           = false;
+	volatile bool pushed_active_snap = false;
+	volatile bool ret                = true;
 
 	StartTransactionCommand();
 
@@ -809,9 +809,9 @@ refresh_disk_quota_model(bool is_init)
 static void
 refresh_disk_quota_usage(bool is_init)
 {
-	bool  pushed_active_snap          = false;
-	bool  ret                         = true;
-	HTAB *local_active_table_stat_map = NULL;
+	volatile bool pushed_active_snap           = false;
+	volatile bool ret                          = true;
+	HTAB *volatile local_active_table_stat_map = NULL;
 
 	StartTransactionCommand();
 
@@ -850,7 +850,6 @@ refresh_disk_quota_usage(bool is_init)
 		 */
 		if (is_init || (diskquota_hardlimit && (reject_map_changed || hasActiveTable)))
 			dispatch_rejectmap(local_active_table_stat_map);
-		hash_destroy(local_active_table_stat_map);
 	}
 	PG_CATCH();
 	{
@@ -863,6 +862,7 @@ refresh_disk_quota_usage(bool is_init)
 		RESUME_INTERRUPTS();
 	}
 	PG_END_TRY();
+	if (local_active_table_stat_map) hash_destroy(local_active_table_stat_map);
 	if (pushed_active_snap) PopActiveSnapshot();
 	if (ret)
 		CommitTransactionCommand();
@@ -1415,8 +1415,8 @@ truncateStringInfo(StringInfo str, int nchars)
 static bool
 load_quotas(void)
 {
-	bool pushed_active_snap = false;
-	bool ret                = true;
+	volatile bool pushed_active_snap = false;
+	volatile bool ret                = true;
 
 	StartTransactionCommand();