From d885e1a01695bab86ef83400c3e703299eda79a0 Mon Sep 17 00:00:00 2001
From: Maxim Korotkov
Date: Wed, 5 Mar 2025 18:07:58 +0300
Subject: [PATCH] background task execution: fixed dereference of NULL (#7694)
In the function TaskConcurrentCancelCheck() the pointer "task" was utilized after checking against NULL, which can lead to dereference of the null pointer. To avoid the problem, added a separate handling of the case when the pointer is null with an interruption of execution.
Fixes: #7693.
Fixes: 1f8675da4382f6e("nonblocking concurrent task execution via background workers")
Signed-off-by: Maksim Korotkov
---
 src/backend/distributed/utils/background_jobs.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/src/backend/distributed/utils/background_jobs.c b/src/backend/distributed/utils/background_jobs.c
index a7a124c74..84377e2ba 100644
--- a/src/backend/distributed/utils/background_jobs.c
+++ b/src/backend/distributed/utils/background_jobs.c
@@ -706,8 +706,12 @@ TaskConcurrentCancelCheck(TaskExecutionContext *taskExecutionContext)
 BackgroundExecutorHashEntry *handleEntry = taskExecutionContext->handleEntry;
 BackgroundTask *task = GetBackgroundTaskByTaskId(handleEntry->taskid);
 taskExecutionContext->task = task;
+ if (!task)
+ {
+ ereport(ERROR, (errmsg("unexpected missing task id: %ld", handleEntry->taskid)));
+ }
 
- if (!task || task->status == BACKGROUND_TASK_STATUS_CANCELLING)
+ if (task->status == BACKGROUND_TASK_STATUS_CANCELLING)
 {
 /*
 * being in that step means that a concurrent cancel or removal happened. we should
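Review bot: The new `if (!task)` branch raises `ERROR` for a case the retained comment just below still describes as expected ("a concurrent cancel or removal happened"), so a task row removed while its worker is running now aborts the caller instead of taking the cancel path. Whether that is safe depends on code outside this hunk: the function body continues past it, and the caller would have to release the handle entry and any worker resources when `ereport(ERROR, ...)` unwinds, otherwise a concurrent removal can disrupt the executor for unrelated tasks. If the error is intended, the comment should drop "or removal"; if it is not, the NULL case could stop the worker and return without touching `task`. Separately, `%ld` assumes `handleEntry->taskid` fits a `long`; if it is a 64-bit type, `errmsg("unexpected missing task id: " INT64_FORMAT, handleEntry->taskid)` is the portable form.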