From 7a1d4a2448c34ed4669d67ae4f24c594545f10b5 Mon Sep 17 00:00:00 2001
From: Andres Freund <andres@anarazel.de>
Date: Tue, 8 Mar 2016 14:59:29 -0800
Subject: [PATCH] ltree: Zero padding bytes when allocating memory for
 externally visible data.

The headers of ltree, ltree_gist and ltxtquery store data at MAXALIGN
alignment, which requires some padding bytes. So far we left these
uninitialized. Zero them by using palloc0.

Author: Andres Freund
Reported-By: Andres Freund / valgrind / buildarm animal skink
Backpatch: 9.1-
---
 contrib/ltree/_ltree_gist.c  | 14 +++++++-------
 contrib/ltree/_ltree_op.c    |  8 ++++----
 contrib/ltree/ltree_gist.c   | 10 +++++-----
 contrib/ltree/ltree_op.c     |  6 +++---
 contrib/ltree/ltxtquery_io.c |  2 +-
 5 files changed, 20 insertions(+), 20 deletions(-)

diff --git a/contrib/ltree/_ltree_gist.c b/contrib/ltree/_ltree_gist.c
index 37cd9916942..a387f5b899e 100644
--- a/contrib/ltree/_ltree_gist.c
+++ b/contrib/ltree/_ltree_gist.c
@@ -85,7 +85,7 @@ _ltree_compress(PG_FUNCTION_ARGS)
 					(errcode(ERRCODE_NULL_VALUE_NOT_ALLOWED),
 					 errmsg("array must not contain nulls")));
 
-		key = (ltree_gist *) palloc(len);
+		key = (ltree_gist *) palloc0(len);
 		SET_VARSIZE(key, len);
 		key->flag = 0;
 
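Review bot: Nothing at this call site records why the zeroing allocator is required, so a later cleanup could switch it back to `palloc` and reintroduce uninitialized padding in externally visible data. A short comment above the allocation would pin the intent, for example `/* palloc0: MAXALIGN padding after the header must be zero, this datum is externally visible */`. The same comment applies to the other header allocations this patch touches in `_ltree_gist.c`, `ltree_gist.c`, `ltree_op.c` and `ltxtquery_io.c`. The body of `_ltree_compress` starts and continues outside this hunk.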
@@ -116,7 +116,7 @@ _ltree_compress(PG_FUNCTION_ARGS)
 				PG_RETURN_POINTER(retval);
 		}
 		len = LTG_HDRSIZE;
-		key = (ltree_gist *) palloc(len);
+		key = (ltree_gist *) palloc0(len);
 		SET_VARSIZE(key, len);
 		key->flag = LTG_ALLTRUE;
 
@@ -196,7 +196,7 @@ _ltree_union(PG_FUNCTION_ARGS)
 	}
 
 	len = LTG_HDRSIZE + ((flag & LTG_ALLTRUE) ? 0 : ASIGLEN);
-	result = (ltree_gist *) palloc(len);
+	result = (ltree_gist *) palloc0(len);
 	SET_VARSIZE(result, len);
 	result->flag = flag;
 	if (!LTG_ISALLTRUE(result))
@@ -333,26 +333,26 @@ _ltree_picksplit(PG_FUNCTION_ARGS)
 	/* form initial .. */
 	if (LTG_ISALLTRUE(GETENTRY(entryvec, seed_1)))
 	{
-		datum_l = (ltree_gist *) palloc(LTG_HDRSIZE);
+		datum_l = (ltree_gist *) palloc0(LTG_HDRSIZE);
 		SET_VARSIZE(datum_l, LTG_HDRSIZE);
 		datum_l->flag = LTG_ALLTRUE;
 	}
 	else
 	{
-		datum_l = (ltree_gist *) palloc(LTG_HDRSIZE + ASIGLEN);
+		datum_l = (ltree_gist *) palloc0(LTG_HDRSIZE + ASIGLEN);
 		SET_VARSIZE(datum_l, LTG_HDRSIZE + ASIGLEN);
 		datum_l->flag = 0;
 		memcpy((void *) LTG_SIGN(datum_l), (void *) LTG_SIGN(GETENTRY(entryvec, seed_1)), sizeof(ABITVEC));
 	}
 	if (LTG_ISALLTRUE(GETENTRY(entryvec, seed_2)))
 	{
-		datum_r = (ltree_gist *) palloc(LTG_HDRSIZE);
+		datum_r = (ltree_gist *) palloc0(LTG_HDRSIZE);
 		SET_VARSIZE(datum_r, LTG_HDRSIZE);
 		datum_r->flag = LTG_ALLTRUE;
 	}
 	else
 	{
-		datum_r = (ltree_gist *) palloc(LTG_HDRSIZE + ASIGLEN);
+		datum_r = (ltree_gist *) palloc0(LTG_HDRSIZE + ASIGLEN);
 		SET_VARSIZE(datum_r, LTG_HDRSIZE + ASIGLEN);
 		datum_r->flag = 0;
 		memcpy((void *) LTG_SIGN(datum_r), (void *) LTG_SIGN(GETENTRY(entryvec, seed_2)), sizeof(ABITVEC));
diff --git a/contrib/ltree/_ltree_op.c b/contrib/ltree/_ltree_op.c
index 44270d4614a..c0c56a40d4f 100644
--- a/contrib/ltree/_ltree_op.c
+++ b/contrib/ltree/_ltree_op.c
@@ -211,7 +211,7 @@ _ltree_extract_isparent(PG_FUNCTION_ARGS)
 		PG_RETURN_NULL();
 	}
 
-	item = (ltree *) palloc(VARSIZE(found));
+	item = (ltree *) palloc0(VARSIZE(found));
 	memcpy(item, found, VARSIZE(found));
 
 	PG_FREE_IF_COPY(la, 0);
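Review bot: The `palloc0(VARSIZE(found))` here is followed at once by `memcpy(item, found, VARSIZE(found))`, which overwrites every allocated byte, so the zeroing does not change what `item` ends up containing. Any padding bytes in the result are whatever `found` already holds, which means this site is clean only if the source datum was itself built with zeroed padding. The same pattern appears in `_ltree_extract_risparent`, `_ltq_extract_regex`, `_ltxtq_extract_exec` and in `copy_ltree` in `ltree_gist.c`. If the change is kept for consistency, say so in a comment such as `/* memcpy overwrites all VARSIZE(found) bytes; padding is inherited from found */`. The function body starts and ends outside this hunk.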
@@ -234,7 +234,7 @@ _ltree_extract_risparent(PG_FUNCTION_ARGS)
 		PG_RETURN_NULL();
 	}
 
-	item = (ltree *) palloc(VARSIZE(found));
+	item = (ltree *) palloc0(VARSIZE(found));
 	memcpy(item, found, VARSIZE(found));
 
 	PG_FREE_IF_COPY(la, 0);
@@ -257,7 +257,7 @@ _ltq_extract_regex(PG_FUNCTION_ARGS)
 		PG_RETURN_NULL();
 	}
 
-	item = (ltree *) palloc(VARSIZE(found));
+	item = (ltree *) palloc0(VARSIZE(found));
 	memcpy(item, found, VARSIZE(found));
 
 	PG_FREE_IF_COPY(la, 0);
@@ -280,7 +280,7 @@ _ltxtq_extract_exec(PG_FUNCTION_ARGS)
 		PG_RETURN_NULL();
 	}
 
-	item = (ltree *) palloc(VARSIZE(found));
+	item = (ltree *) palloc0(VARSIZE(found));
 	memcpy(item, found, VARSIZE(found));
 
 	PG_FREE_IF_COPY(la, 0);
diff --git a/contrib/ltree/ltree_gist.c b/contrib/ltree/ltree_gist.c
index 83da62018e3..033a477c61a 100644
--- a/contrib/ltree/ltree_gist.c
+++ b/contrib/ltree/ltree_gist.c
@@ -56,7 +56,7 @@ ltree_compress(PG_FUNCTION_ARGS)
 		ltree	   *val = (ltree *) DatumGetPointer(PG_DETOAST_DATUM(entry->key));
 		int32		len = LTG_HDRSIZE + VARSIZE(val);
 
-		key = (ltree_gist *) palloc(len);
+		key = (ltree_gist *) palloc0(len);
 		SET_VARSIZE(key, len);
 		key->flag = LTG_ONENODE;
 		memcpy((void *) LTG_NODE(key), (void *) val, VARSIZE(val));
@@ -213,7 +213,7 @@ ltree_union(PG_FUNCTION_ARGS)
 	isleqr = (left == right || ISEQ(left, right)) ? true : false;
 	*size = LTG_HDRSIZE + ((isalltrue) ? 0 : SIGLEN) + VARSIZE(left) + ((isleqr) ? 0 : VARSIZE(right));
 
-	result = (ltree_gist *) palloc(*size);
+	result = (ltree_gist *) palloc0(*size);
 	SET_VARSIZE(result, *size);
 	result->flag = 0;
 
@@ -386,7 +386,7 @@ ltree_picksplit(PG_FUNCTION_ARGS)
 	lu_l = LTG_GETLNODE(GETENTRY(entryvec, array[FirstOffsetNumber].index));
 	isleqr = (lu_l == lu_r || ISEQ(lu_l, lu_r)) ? true : false;
 	size = LTG_HDRSIZE + ((lisat) ? 0 : SIGLEN) + VARSIZE(lu_l) + ((isleqr) ? 0 : VARSIZE(lu_r));
-	lu = (ltree_gist *) palloc(size);
+	lu = (ltree_gist *) palloc0(size);
 	SET_VARSIZE(lu, size);
 	lu->flag = 0;
 	if (lisat)
@@ -403,7 +403,7 @@ ltree_picksplit(PG_FUNCTION_ARGS)
 	ru_l = LTG_GETLNODE(GETENTRY(entryvec, array[1 + ((maxoff - FirstOffsetNumber + 1) / 2)].index));
 	isleqr = (ru_l == ru_r || ISEQ(ru_l, ru_r)) ? true : false;
 	size = LTG_HDRSIZE + ((risat) ? 0 : SIGLEN) + VARSIZE(ru_l) + ((isleqr) ? 0 : VARSIZE(ru_r));
-	ru = (ltree_gist *) palloc(size);
+	ru = (ltree_gist *) palloc0(size);
 	SET_VARSIZE(ru, size);
 	ru->flag = 0;
 	if (risat)
@@ -445,7 +445,7 @@ gist_isparent(ltree_gist *key, ltree *query)
 static ltree *
 copy_ltree(ltree *src)
 {
-	ltree	   *dst = (ltree *) palloc(VARSIZE(src));
+	ltree	   *dst = (ltree *) palloc0(VARSIZE(src));
 
 	memcpy(dst, src, VARSIZE(src));
 	return dst;
diff --git a/contrib/ltree/ltree_op.c b/contrib/ltree/ltree_op.c
index 4561073fa09..aa1e9918bef 100644
--- a/contrib/ltree/ltree_op.c
+++ b/contrib/ltree/ltree_op.c
@@ -211,7 +211,7 @@ inner_subltree(ltree *t, int32 startpos, int32 endpos)
 		ptr = LEVEL_NEXT(ptr);
 	}
 
-	res = (ltree *) palloc(LTREE_HDRSIZE + (end - start));
+	res = (ltree *) palloc0(LTREE_HDRSIZE + (end - start));
 	SET_VARSIZE(res, LTREE_HDRSIZE + (end - start));
 	res->numlevel = endpos - startpos;
 
@@ -268,7 +268,7 @@ ltree_concat(ltree *a, ltree *b)
 {
 	ltree	   *r;
 
-	r = (ltree *) palloc(VARSIZE(a) + VARSIZE(b) - LTREE_HDRSIZE);
+	r = (ltree *) palloc0(VARSIZE(a) + VARSIZE(b) - LTREE_HDRSIZE);
 	SET_VARSIZE(r, VARSIZE(a) + VARSIZE(b) - LTREE_HDRSIZE);
 	r->numlevel = a->numlevel + b->numlevel;
 
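Review bot: Between the opening brace of `ltree_concat` and the allocation there is no range check on the combined result, and `r->numlevel = a->numlevel + b->numlevel` is stored directly. The type of `numlevel` is not visible in this hunk, but if it is a narrow integer field the sum can wrap while the payload is sized for the full concatenation, leaving a header that disagrees with the data behind it. Consider rejecting an over-limit level count with `ereport(ERROR, ...)` before allocating, unless every caller already guarantees the bound. Separately, the size expression is written out twice; computing it once, `Size len = VARSIZE(a) + VARSIZE(b) - LTREE_HDRSIZE;`, keeps `palloc0` and `SET_VARSIZE` from diverging. The rest of the function lies outside the hunk.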
@@ -450,7 +450,7 @@ lca_inner(ltree **a, int len)
 		l1 = LEVEL_NEXT(l1);
 	}
 
-	res = (ltree *) palloc(reslen);
+	res = (ltree *) palloc0(reslen);
 	SET_VARSIZE(res, reslen);
 	res->numlevel = num;
 
diff --git a/contrib/ltree/ltxtquery_io.c b/contrib/ltree/ltxtquery_io.c
index 74010f3cef4..befda1344d5 100644
--- a/contrib/ltree/ltxtquery_io.c
+++ b/contrib/ltree/ltxtquery_io.c
@@ -350,7 +350,7 @@ queryin(char *buf)
 				 errmsg("ltxtquery is too large")));
 	commonlen = COMPUTESIZE(state.num, state.sumlen);
 
-	query = (ltxtquery *) palloc(commonlen);
+	query = (ltxtquery *) palloc0(commonlen);
 	SET_VARSIZE(query, commonlen);
 	query->size = state.num;
 	ptr = GETQUERY(query);
-- 
GitLab