Fix List memory issue in transformColumnDefinition

When calling generateSerialExtraStmts(), we would pass in the
constraint->options.  In some cases, generateSerialExtraStmts() would
modify the referenced List to remove elements from it, but doing so is
invalid without assigning the list back to all variables that point to it.
In the particular reported problem case, the List became empty, in which
cases it became NIL, but the passed in constraint->options didn't get to
find out about that and was left pointing to free'd memory.

To fix this, just perform a list_copy() inside generateSerialExtraStmts().
We could just do a list_copy() just before we perform the delete from the
list, however, that seems less robust.  Let's make sure the generated
CreateSeqStmt gets a completely different copy of the list to be safe.

Bug: #17879
Reported-by: Fei Changhong
Diagnosed-by: Fei Changhong
Discussion: https://postgr.es/m/17879-b7dfb5debee58ff5@postgresql.org
Backpatch-through: 11, all supported versions

diff --git a/src/backend/parser/parse_utilcmd.c b/src/backend/parser/parse_utilcmd.c
index ecd587144aefd3ff95bf727add3f21f06202065e..cf73066fcfb4c143ccb9f2edb1ca1caeae92cd4f 100644 (file)
--- a/src/backend/parser/parse_utilcmd.c
+++ b/src/backend/parser/parse_utilcmd.c
@@ -381,6 +381,9 @@ generateSerialExtraStmts(CreateStmtContext *cxt, ColumnDef *column,
    List       *attnamelist;
    int         nameEl_idx = -1;
 
+   /* Make a copy of this as we may end up modifying it in the code below */
+   seqoptions = list_copy(seqoptions);
+
    /*
     * Determine namespace and name to use for the sequence.
     *