PL/Python: Fix potential NULL pointer dereference
author Peter Eisentraut
Tue, 28 Nov 2017 16:28:05 +0000 (11:28 -0500)
committer Peter Eisentraut
Tue, 28 Nov 2017 16:28:05 +0000 (11:28 -0500)
After d0aa965c0a0ac2ff7906ae1b1dad50a7952efa56, one error path in
PLy_spi_execute_fetch_result() could result in the variable "result"
being dereferenced after being set to NULL.  To fix that, just clear the
resources right there and return early.

Also add another SPI_freetuptable() call so that that is cleared in all
error paths.

discovered by John Naylor via scan-build

src/pl/plpython/plpy_spi.c

index ade27f3924210b2f8a622762e53ade0f4ad0f64f..c80ccf6129b2b2d4a0c2a620d1f0c27fb7aff169 100644 (file)
@@ -361,7 +361,10 @@ PLy_spi_execute_fetch_result(SPITupleTable *tuptable, uint64 rows, int status)
 
    result = (PLyResultObject *) PLy_result_new();
    if (!result)
+   {
+       SPI_freetuptable(tuptable);
        return NULL;
+   }
    Py_DECREF(result->status);
    result->status = PyInt_FromLong(status);
 
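Review bot: the new block under "if (!result)" frees tuptable by hand, and the same SPI_freetuptable(tuptable) call is repeated in the second hunk's error path, so ownership of tuptable is now enforced in several separate places with no comment saying so. A one-line comment at the top of the function stating that it must release tuptable on every exit, or a single cleanup label that all failure branches jump to, would make it harder for a later error path to be added without the free. The visible context lines also assign the return value of PyInt_FromLong(status) to result->status without a check in this hunk; since the change is about NULL handling, it is worth confirming that a failed allocation there is handled further down.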
@@ -414,7 +417,9 @@ PLy_spi_execute_fetch_result(SPITupleTable *tuptable, uint64 rows, int status)
                if (!result->rows)
                {
                    Py_DECREF(result);
-                   result = NULL;
+                   MemoryContextDelete(cxt);
+                   SPI_freetuptable(tuptable);
+                   return NULL;
                }
                else
                {
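Review bot: the "return NULL" added in the "if (!result->rows)" branch leaves the function from a deeply nested block, and the hunk does not show what encloses it; if this branch sits inside a PG_TRY() section, returning here skips PG_END_TRY() and leaves the saved exception stack pointing at a frame that no longer exists, which would turn a later error into a crash. Please confirm the enclosing structure, and if it is a PG_TRY() block, set a flag and fall out of the block normally before returning. Separately, the order Py_DECREF(result), MemoryContextDelete(cxt), SPI_freetuptable(tuptable) should match the order used on the normal exit path so the two do not drift apart.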