On 2016-10-05 09:38:15 +0900, Michael Paquier wrote:
> On Wed, Oct 5, 2016 at 8:56 AM, Andres Freund <andres@anarazel.de> wrote:
> > That made me wonder if it's not actually a mistake for
> > MemoryContextAllocExtended() size parameter to be declared
> > Size/size_t. That prevents it from detecting such overflows, forcing
> > code like the above on callsites.
> >
> > Comments?
>
> The existing interface of MemoryContextAlloc do not care much about
> anything except Size, so I'd just give the responsability to the
> caller to do checks like queue != (Size) queue when queue is a uint64
> for example.
Well, that duplicates the check and error message everywhere.
And queue != (Size) queue will cause errors like
/home/andres/src/postgresql/src/include/lib/simplehash.h:182:44:
warning: self-comparison always evaluates to false [-Wtautological-compare]
> And I can see that your patch is using uint32 for SH_TYPE->size.
But it multiples the size with sizeof(elemement)...
Greetings,
Andres Freund