Fix read-after-free bug in error handler.

If a connection dies, CC_on_abort() calls PQfinish() which frees the error
message. handle_pgres_error better deal with the error message before
calling CC_on_abort().

Spotted by valgrind, on the "diagnostic" regression test.

diff --git a/connection.c b/connection.c
index e88a30a5ed406eebea693f2af056275d976cec3d..1ef123604ab4da2638e18fd20d2c088d49069b46 100644 (file)
--- a/connection.c
+++ b/connection.c
@@ -867,13 +867,6 @@ handle_pgres_error(ConnectionClass *self, const PGresult *pgres,
 
    mylog("notice/error message len=%d\n", strlen(errmsg));
 
-   if (0 != abort_opt
-#ifdef _LEGACY_MODE_
-       || TRUE
-#endif /* _LEGACY_NODE_ */
-       )
-       CC_on_abort(self, abort_opt);
-
    if (fatal)
    {
        if (res)
@@ -896,6 +889,13 @@ handle_pgres_error(ConnectionClass *self, const PGresult *pgres,
    if (errmsg != errprimary)
        free(errmsg);
 
+   if (0 != abort_opt
+#ifdef _LEGACY_MODE_
+       || TRUE
+#endif /* _LEGACY_NODE_ */
+       )
+       CC_on_abort(self, abort_opt);
+
    LIBPQ_update_transaction_status(self);
 }