Fix integer-overflow problem in intarray's g_int_decompress().

An array element equal to INT_MAX gave this code indigestion, causing an infinite loop that surely ended in SIGSEGV. We fixed some nearby problems awhile ago (cf 757c5182f) but missed this. Report and diagnosis by Alexander Lakhin (bug #18273); patch by me Discussion: https://postgr.es/m/18273-9a832d1da122600c@postgresql.org
author: Tom Lane <tgl@sss.pgh.pa.us> 2024-01-07 15:19:50 -0500
committer: Tom Lane <tgl@sss.pgh.pa.us> 2024-01-07 15:19:50 -0500
commit: 940ab02b53eb3a3babc9dd4dea261f5a6d8aa334 (patch)
tree: 9fd0c30e643e7ed98d6b0afd750e1c63d9f05a94 /contrib/intarray/sql
parent: 1a7c03e6fc75d2a5ee4893252d47f0549f078494 (diff)
1 files changed, 3 insertions, 2 deletions
diff --git a/contrib/intarray/sql/_int.sql b/contrib/intarray/sql/_int.sql
index bd3e01208d5..95eec96c14e 100644
--- a/contrib/intarray/sql/_int.sql
+++ b/contrib/intarray/sql/_int.sql
@@ -194,9 +194,10 @@ DROP INDEX text_idx;
 -- core that would reach the same codepaths.
 CREATE TABLE more__int AS SELECT
    -- Leave alone NULLs, empty arrays and the one row that we use to test
-   -- equality
+   -- equality; also skip INT_MAX
    CASE WHEN a IS NULL OR a = '{}' OR a = '{73,23,20}' THEN a ELSE
-     (select array_agg(u) || array_agg(u + 1000) || array_agg(u + 2000) from (select unnest(a) u) x)
+     (select array_agg(u) || array_agg(u + 1000) || array_agg(u + 2000)
+      from unnest(a) u where u < 2000000000)
    END AS a, a as b
    FROM test__int;
 CREATE INDEX ON more__int using gist (a gist__int_ops(numranges = 252));
author	Tom Lane <tgl@sss.pgh.pa.us>	2024-01-07 15:19:50 -0500
committer	Tom Lane <tgl@sss.pgh.pa.us>	2024-01-07 15:19:50 -0500
commit	940ab02b53eb3a3babc9dd4dea261f5a6d8aa334 (patch)
tree	9fd0c30e643e7ed98d6b0afd750e1c63d9f05a94 /contrib/intarray/sql
parent	1a7c03e6fc75d2a5ee4893252d47f0549f078494 (diff)