From 2b0f8ae0095575beead053d93266f30f6ffb7f14 Mon Sep 17 00:00:00 2001
From: Tom Lane <tgl@sss.pgh.pa.us>
Date: Fri, 23 Feb 2001 22:52:32 +0000
Subject: [PATCH] Fix pg_dump crashes caused by bogus use of va_start/va_end
 (only seen on some platforms, which is not too surprising considering how
 platform specific these macros must be).

---
 src/bin/pg_dump/pg_backup_archiver.c | 30 ++++++++++++++--------------
 src/bin/pg_dump/pg_backup_tar.c      | 12 +++++------
 2 files changed, 20 insertions(+), 22 deletions(-)

diff --git a/src/bin/pg_dump/pg_backup_archiver.c b/src/bin/pg_dump/pg_backup_archiver.c
index d50f82df9e8..1b08b2ce8b5 100644
--- a/src/bin/pg_dump/pg_backup_archiver.c
+++ b/src/bin/pg_dump/pg_backup_archiver.c
@@ -872,21 +872,21 @@ int archprintf(Archive* AH, const char *fmt, ...)
     int		bSize = strlen(fmt) + 256;
     int		cnt = -1;
 
-    va_start(ap, fmt);
-
     /* This is paranoid: deal with the possibility that vsnprintf is willing to ignore trailing null */
     /* or returns > 0 even if string does not fit. It may be the case that it returns cnt = bufsize */ 
-    while (cnt < 0 || cnt >= (bSize-1) ) {
-	if (p != NULL) free(p);
-	bSize *= 2;
-	if ((p = malloc(bSize)) == NULL)
+    while (cnt < 0 || cnt >= (bSize-1) )
 	{
-	    va_end(ap);
-	    exit_horribly(AH, "%s: could not allocate buffer for archprintf\n", progname);
-	}
-	cnt = vsnprintf(p, bSize, fmt, ap);
+		if (p != NULL) free(p);
+		bSize *= 2;
+		p = (char*)malloc(bSize);
+		if (p == NULL)
+		{
+			exit_horribly(AH, "%s: could not allocate buffer for archprintf\n", progname);
+		}
+		va_start(ap, fmt);
+		cnt = vsnprintf(p, bSize, fmt, ap);
+		va_end(ap);
     }
-    va_end(ap);
     WriteData(AH, p, cnt);
     free(p);
     return cnt;
@@ -977,21 +977,21 @@ int ahprintf(ArchiveHandle* AH, const char *fmt, ...)
     int		bSize = strlen(fmt) + 256; /* Should be enough */
     int		cnt = -1;
 
-    va_start(ap, fmt);
     /* This is paranoid: deal with the possibility that vsnprintf is willing to ignore trailing null */
     /* or returns > 0 even if string does not fit. It may be the case that it returns cnt = bufsize */ 
-    while (cnt < 0 || cnt >= (bSize - 1) ) {
+    while (cnt < 0 || cnt >= (bSize - 1) )
+	{
 		if (p != NULL) free(p);
 		bSize *= 2;
 		p = (char*)malloc(bSize);
 		if (p == NULL)
 		{
-			va_end(ap);
 			die_horribly(AH, "%s: could not allocate buffer for ahprintf\n", progname);
 		}
+		va_start(ap, fmt);
 		cnt = vsnprintf(p, bSize, fmt, ap);
+		va_end(ap);
     }
-    va_end(ap);
     ahwrite(p, 1, cnt, AH);
     free(p);
     return cnt;
diff --git a/src/bin/pg_dump/pg_backup_tar.c b/src/bin/pg_dump/pg_backup_tar.c
index 87dada274d5..a24701a37cc 100644
--- a/src/bin/pg_dump/pg_backup_tar.c
+++ b/src/bin/pg_dump/pg_backup_tar.c
@@ -899,24 +899,22 @@ static int tarPrintf(ArchiveHandle *AH, TAR_MEMBER *th, const char *fmt, ...)
 	int			bSize = strlen(fmt) + 256; /* Should be enough */
 	int			cnt = -1;
 
-	va_start(ap, fmt);
 	/* This is paranoid: deal with the possibility that vsnprintf is willing to ignore trailing null */
 	/* or returns > 0 even if string does not fit. It may be the case that it returns cnt = bufsize */
-	while (cnt < 0 || cnt >= (bSize - 1) ) {
+	while (cnt < 0 || cnt >= (bSize - 1) )
+	{
 		if (p != NULL) free(p);
 		bSize *= 2;
 		p = (char*)malloc(bSize);
 		if (p == NULL)
 		{
-			va_end(ap);
-			die_horribly(AH, "%s: could not allocate buffer for ahprintf\n", progname);
+			die_horribly(AH, "%s: could not allocate buffer for tarPrintf\n", progname);
 		}
+		va_start(ap, fmt);
 		cnt = vsnprintf(p, bSize, fmt, ap);
+		va_end(ap);
 	}
-	va_end(ap);
-
 	cnt = tarWrite(p, cnt, th);
-
 	free(p);
 	return cnt;
 }
-- 
GitLab