Detect integer overflow in array_set_slice(). - user/sven/postgresql.git

diff options

author	Nathan Bossart <nathan@postgresql.org>	2024-07-23 21:59:02 -0500
committer	Nathan Bossart <nathan@postgresql.org>	2024-07-23 21:59:02 -0500
commit	670fb9f187cd75b6928cc044897a1f468439e19d (patch)
tree	a6f45318b66f8308b7be4ac4c2cc8998f9bec472 /src/backend/access/transam/parallel.c
parent	30281db50108468a18e0a8ad5eb83e5367472f2b (diff)

Detect integer overflow in array_set_slice().

When provided an empty initial array, array_set_slice() fails to check for overflow when computing the new array's dimensions. While such overflows are ordinarily caught by ArrayGetNItems(), commands with the following form are accepted: INSERT INTO t (i[-2147483648:2147483647]) VALUES ('{}'); To fix, perform the hazardous computations using overflow-detecting arithmetic routines. As with commit 18b585155a, the added test cases generate errors that include a platform-dependent value, so we again use psql's VERBOSITY parameter to suppress printing the message text. Reported-by: Alexander Lakhin Author: Joseph Koshakow Reviewed-by: Jian He Discussion: https://postgr.es/m/31ad2cd1-db94-bdb3-f91a-65ffdb4bef95%40gmail.com Backpatch-through: 12

Diffstat (limited to 'src/backend/access/transam/parallel.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: