From cf22e851b6ae8737f3e767dffcadf1722fbb36a7 Mon Sep 17 00:00:00 2001
From: Tom Lane <tgl@sss.pgh.pa.us>
Date: Thu, 10 Nov 2011 16:08:14 -0500
Subject: [PATCH] Avoid platform-dependent infinite loop in pg_dump.

If malloc(0) returns NULL, the binary search in findSecLabels() will
probably go into an infinite loop when there are no security labels,
because NULL-1 is greater than NULL after wraparound.

(We've seen this pathology before ... I wonder whether there's a way to
detect the class of bugs automatically?)

Diagnosis and patch by Steve Singer, cosmetic adjustments by me
---
 src/bin/pg_dump/pg_dump.c | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/src/bin/pg_dump/pg_dump.c b/src/bin/pg_dump/pg_dump.c
index 88a867fe8e3..973f0b335d7 100644
--- a/src/bin/pg_dump/pg_dump.c
+++ b/src/bin/pg_dump/pg_dump.c
@@ -645,9 +645,10 @@ main(int argc, char **argv)
 		do_sql_command(g_conn, "SET quote_all_identifiers = true");
 
 	/*
-	 * Disables security label support if server version < v9.1.x
+	 * Disable security label support if server version < v9.1.x (prevents
+	 * access to nonexistent pg_seclabel catalog)
 	 */
-	if (!no_security_labels && g_fout->remoteVersion < 90100)
+	if (g_fout->remoteVersion < 90100)
 		no_security_labels = 1;
 
 	/*
@@ -11993,6 +11994,12 @@ findSecLabels(Archive *fout, Oid classoid, Oid objoid, SecLabelItem **items)
 	if (nlabels < 0)
 		nlabels = collectSecLabels(fout, &labels);
 
+	if (nlabels <= 0)			/* no labels, so no match is possible */
+	{
+		*items = NULL;
+		return 0;
+	}
+
 	/*
 	 * Do binary search to find some item matching the object.
 	 */
-- 
GitLab