From 772544814df3509ef1df2de18dd9446501d66459 Mon Sep 17 00:00:00 2001
From: Mats Kindahl <mats@timescale.com>
Date: Thu, 31 Oct 2024 17:05:42 +0100
Subject: [PATCH] Verify that heap tuple is valid before using

In `ts_bgw_job_validate_job_owner` a heap tuple is fetched but it is
not verified that it is valid. If the heap tuple is later used it can
cause a crash at best, or leak information from random memory at worst.

Fixed this by adding a check that the tuple is valid before trying to
use it.
---
 .unreleased/pr_7432 | 1 +
 src/bgw/job.c       | 4 ++++
 2 files changed, 5 insertions(+)
 create mode 100644 .unreleased/pr_7432

diff --git a/.unreleased/pr_7432 b/.unreleased/pr_7432
new file mode 100644
index 00000000000..b8ffb610987
--- /dev/null
+++ b/.unreleased/pr_7432
@@ -0,0 +1 @@
+Fixes: #7432 Verify that heap tuple is valid before using
diff --git a/src/bgw/job.c b/src/bgw/job.c
index 0eb993895e6..5414b6d823d 100644
--- a/src/bgw/job.c
+++ b/src/bgw/job.c
@@ -961,6 +961,10 @@ void
 ts_bgw_job_validate_job_owner(Oid owner)
 {
 	HeapTuple role_tup = SearchSysCache1(AUTHOID, ObjectIdGetDatum(owner));
+
+	if (!HeapTupleIsValid(role_tup))
+		elog(ERROR, "cache lookup failed for role %u", owner);
+
 	Form_pg_authid rform = (Form_pg_authid) GETSTRUCT(role_tup);
 
 	if (!rform->rolcanlogin)