Minor binary-search int overflow in timezone code - Mailing list pgsql-hackers

From Christoph Berg
Subject Minor binary-search int overflow in timezone code
Date
Msg-id 20141215111754.GF6506@msg.df7cb.de
Responses Re: Minor binary-search int overflow in timezone code  (Tom Lane <tgl@sss.pgh.pa.us>)
List pgsql-hackers
Hi,

a fellow Debian Developer found a minor glitch in
src/timezone/localtime.c, where binary search is used. Now I don't
think there is an actual problem (unless there's > 2^30 timezones),
but it would at least make sense to mark the code as okayish so that
people running code scanners won't stumble over the issue again.

The attached patch added comments to address this.

Date: Sun, 30 Nov 2014 22:06:42 +0100
From: Niels Thykier <niels@thykier.net>
Reply-To: Niels Thykier <niels@thykier.net>, 771580@bugs.debian.org
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: [Pkg-postgresql-public] Bug#771580: postgresql-9.4: Minor binary-search
    int overflow

Source: postgresql-9.4
Version: 9.4~rc1-1
Severity: minor


Hi,

I stumbled on the following snippet from src/timezone/localtime.c,
function pg_interpret_timezone_abbrev:

       {
               int                     lo = 0;
               int                     hi = sp->timecnt;

               while (lo < hi)
               {
                       int                     mid = (lo + hi) >> 1;
                                                       ^^^^^^^

This looks like it is subject to a known int overflow, when (original) hi
is close to INT_MAX and the item being close to the end of the array.

~Niels

[The original report had a link here to the googleresearch blog, but
the PG list servers think it is spam :(]
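An added example (mine, not code from this thread or from PostgreSQL) showing the failure mode and the usual remedy: the naive midpoint sum from the quoted snippet is checked for overflow in 64-bit arithmetic, and the search loop uses lo + ((hi - lo) >> 1), which cannot overflow for 0 <= lo <= hi. The transition-time array, the find_transition() name and the loop's exact comparison are constructed for illustration and only assumed to resemble the localtime.c search; they are not copied from it.

```c
#include <limits.h>
#include <stdio.h>

/* Would the sum in "(lo + hi) >> 1" exceed INT_MAX?  The check itself is
 * done in long long, so it cannot overflow the way the original expression
 * does (signed overflow is undefined behaviour in C). */
int midpoint_sum_overflows(int lo, int hi)
{
    return (long long) lo + (long long) hi > INT_MAX;
}

/* Overflow-free midpoint for 0 <= lo <= hi: hi - lo is at most INT_MAX,
 * and adding half of it back to lo never exceeds hi. */
int midpoint_safe(int lo, int hi)
{
    return lo + ((hi - lo) >> 1);
}

/* Search shaped like the quoted loop (assumed shape, not PostgreSQL's code):
 * returns the number of transition times in ats[0..timecnt) that are <= t,
 * i.e. the index of the first transition later than t. */
int find_transition(const long *ats, int timecnt, long t)
{
    int lo = 0;
    int hi = timecnt;

    while (lo < hi)
    {
        int mid = midpoint_safe(lo, hi);   /* was: (lo + hi) >> 1 */

        if (t < ats[mid])
            hi = mid;
        else
            lo = mid + 1;
    }
    return lo;
}

int main(void)
{
    /* Constructed, sorted sample transition times (seconds since epoch). */
    static const long ats[] = {0L, 100L, 200L, 300L};
    int n = (int) (sizeof ats / sizeof ats[0]);

    printf("t=150 -> index %d\n", find_transition(ats, n, 150L));
    printf("lo=%d hi=%d: naive sum overflows=%d\n",
           INT_MAX - 2, INT_MAX, midpoint_sum_overflows(INT_MAX - 2, INT_MAX));
    printf("safe midpoint of that range: %d\n",
           midpoint_safe(INT_MAX - 2, INT_MAX));
    return 0;
}
```

With hi = INT_MAX and lo anywhere above 0 the naive sum wraps while the subtraction form still yields INT_MAX - 1 for the last range; for PostgreSQL's small timecnt the two expressions agree, which is why the report is only a scanner finding rather than a live bug.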
