Alvaro Herrera <alvherre@alvh.no-ip.org> writes:
> I think we're bound to hit this limit at some point in the future, and
> it seems easy enough to solve. I propose the attached, which is pretty
> much what Hongxu last submitted, with some minor changes.
This bit needs more work:
- content->cells = pg_malloc0((ncolumns * nrows + 1) * sizeof(*content->cells));
+ total_cells = (int64) ncolumns * nrows;
+ content->cells = pg_malloc0((total_cells + 1) * sizeof(*content->cells));
You've made the computation of total_cells reliable, but there's
nothing stopping the subsequent computation of the malloc argument
from overflowing (especially on 32-bit machines). I think we need
an explicit test along the lines of
if (total_cells >= SIZE_MAX / sizeof(*content->cells))
throw error;
(">=" allows not needing to add +1.)
Also, maybe total_cells should be uint64? We don't want
negative values to pass this test. Alternatively, add a separate
check that total_cells >= 0.
It should be sufficient to be paranoid about this in printTableInit,
since after that we know the product of ncolumns * nrows isn't
too big.
The rest of this passes an eyeball check.
regards, tom lane
