• Tom Lane's avatar
    Fix memory leakage in ICU encoding conversion, and other code review. · b6159202
    Tom Lane authored
    Callers of icu_to_uchar() neglected to pfree the result string when done
    with it.  This results in catastrophic memory leaks in varstr_cmp(),
    because of our prevailing assumption that btree comparison functions don't
    leak memory.  For safety, make all the call sites clean up leaks, though
    I suspect that we could get away without it in formatting.c.  I audited
    callers of icu_from_uchar() as well, but found no places that seemed to
    have a comparable issue.
    
    Add function API specifications for icu_to_uchar() and icu_from_uchar();
    the lack of any thought-through specification is perhaps not unrelated
    to the existence of this bug in the first place.  Fix icu_to_uchar()
    to guarantee a nul-terminated result; although no existing caller appears
    to care, the fact that it would have been nul-terminated except in
    extreme corner cases seems ideally designed to bite someone on the rear
    someday.  Fix ucnv_fromUChars() destCapacity argument --- in the worst
    case, that could perhaps have led to a non-nul-terminated result, too.
    Fix icu_from_uchar() to have a more reasonable definition of the function
    result --- no callers are actually paying attention, so this isn't a live
    bug, but it's certainly sloppily designed.  Const-ify icu_from_uchar()'s
    input string for consistency.
    
    That is not the end of what needs to be done to these functions, but
    it's as much as I have the patience for right now.
    
    Discussion: https://postgr.es/m/1955.1498181798@sss.pgh.pa.us
    b6159202
formatting.c 135 KB