Re: [PATCH] bms_prev_member() can read beyond the end of the array of allocated words - Mailing list pgsql-hackers

From Tom Lane
Subject Re: [PATCH] bms_prev_member() can read beyond the end of the array of allocated words
Msg-id 138396.1755184489@sss.pgh.pa.us
In response to Re: [PATCH] bms_prev_member() can read beyond the end of the array of allocated words  (David Rowley <dgrowleyml@gmail.com>)
Responses Re: [PATCH] bms_prev_member() can read beyond the end of the array of allocated words
Re: [PATCH] bms_prev_member() can read beyond the end of the array of allocated words
List pgsql-hackers
David Rowley <dgrowleyml@gmail.com> writes:
> It is valid to pass prevbit as a->nwords * BITS_PER_BITMAPWORD as the
> code does "prevbit--;". Maybe it would be less confusing if it were
> written as:
>  * "prevbit" must be less than or equal to "a->nwords * BITS_PER_BITMAPWORD".
> The Assert should be using <= rather than <.

Actually, I don't agree with that.  It's true that it wouldn't fail,
but a caller doing that is exhibiting undue intimacy with the innards
of Bitmapsets.  The expected usage is that the argument is initially
-1 and after that the result of the previous call (which'll
necessarily be less than a->nwords * BITS_PER_BITMAPWORD).  We don't
have any state with which we can verify the chain of calls, but it
seems totally reasonable to me to disallow an outside caller
providing an argument >= a->nwords * BITS_PER_BITMAPWORD.

            regards, tom lane
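Added example, not PostgreSQL's own code: a minimal bitmapset with a bms_prev_member-style reverse walk whose argument check follows the convention described above (pass -1 first, then each previous result) and rejects any prevbit at or above a->nwords * BITS_PER_BITMAPWORD with the strict comparison, so a caller that leans on the representation trips the Assert instead of being tolerated. The struct layout, bms_make, bms_set and the fixed 64-bit word are assumptions made for this example.

```c
#include <assert.h>
#include <stdint.h>
#include <stdlib.h>

typedef uint64_t bitmapword;
#define BITS_PER_BITMAPWORD 64
#define WORDNUM(x) ((x) / BITS_PER_BITMAPWORD)
#define BITNUM(x)  ((x) % BITS_PER_BITMAPWORD)
typedef struct Bitmapset {   /* hypothetical minimal layout */
    int        nwords;
    bitmapword words[];
} Bitmapset;
static Bitmapset *bms_make(int nwords) {
    Bitmapset *a = calloc(1, sizeof(Bitmapset) + nwords * sizeof(bitmapword));
    a->nwords = nwords; return a;
}
static void bms_set(Bitmapset *a, int x) {
    assert(x >= 0 && WORDNUM(x) < a->nwords);
    a->words[WORDNUM(x)] |= (bitmapword) 1 << BITNUM(x);
}
/* Largest member strictly below prevbit, or -2 when none remain; callers
 * pass -1 first, then each previous result. */
static int bms_prev_member(const Bitmapset *a, int prevbit) {
    if (a == NULL || prevbit == 0) return -2;
    /* Strict bound: a previous result is always below the limit, so a value
     * at or above it comes only from a caller relying on the representation. */
    assert(prevbit == -1 || prevbit < a->nwords * BITS_PER_BITMAPWORD);
    prevbit = (prevbit == -1) ? a->nwords * BITS_PER_BITMAPWORD - 1 : prevbit - 1;
    /* mask keeps bits 0..BITNUM(prevbit) of the first word examined */
    bitmapword mask = ~(bitmapword) 0 >> (BITS_PER_BITMAPWORD - 1 - BITNUM(prevbit));
    for (int wordnum = WORDNUM(prevbit); wordnum >= 0; wordnum--) {
        bitmapword w = a->words[wordnum] & mask;
        if (w != 0)   /* index of the highest set bit in w */
            return wordnum * BITS_PER_BITMAPWORD + 63 - __builtin_clzll(w);
        mask = ~(bitmapword) 0;
    }
    return -2;
}

/* Constructed sample set {5, 70, 127} over two words: returns the idx-th
 * member of a full reverse walk, or -2 once the walk is exhausted. */
int example_reverse_walk(int idx) {
    Bitmapset *a = bms_make(2);
    bms_set(a, 5); bms_set(a, 70); bms_set(a, 127);
    int x = -1;
    for (int i = 0; i <= idx; i++)
        if ((x = bms_prev_member(a, x)) == -2) break;
    free(a);
    return x;
}
```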
