Re: glibc qsort() vulnerability - Mailing list pgsql-hackers

From Nathan Bossart
Subject Re: glibc qsort() vulnerability
Date
Msg-id 20240210205332.GA1124797@nathanxps13
Whole thread Raw
In response to Re: glibc qsort() vulnerability  (Mats Kindahl <mats@timescale.com>)
Responses Re: glibc qsort() vulnerability
List pgsql-hackers
On Sat, Feb 10, 2024 at 08:59:06AM +0100, Mats Kindahl wrote:
> Split the code into two patches: one that just adds the functions
> (including the new pg_cmp_size()) to common/int.h and one that starts using
> them. I picked the name "pg_cmp_size" rather than "pg_cmp_size_t" since
> "_t" is usually used as a suffix for types.
> 
> I added a comment to the (a > b) - (a < b) return and have also added casts
> to (int32) for the int16 and uint16 functions (we need a signed int for
> uin16 since we need to be able to get a negative number).
> 
> Changed the type of two instances that had an implicit cast from size_t to
> int and used the new pg_,cmp_size() function.
> 
> Also fixed the missed replacements in the "contrib" directory.

Thanks for the new patches.  I think the comparison in resowner.c is
backwards, and I think we should expand on some of the commentary in int.h.
For example, the comment at the top of int.h seems very tailored to the
existing functions and should probably be adjusted.  And the "comparison
routines for integers" comment might benefit from some additional details
about the purpose and guarantees of the new functions.

-- 
Nathan Bossart
Amazon Web Services: https://aws.amazon.com



pgsql-hackers by date:

Previous
From: Nathan Bossart
Date:
Subject: Re: backend *.c #include cleanup (IWYU)
Next
From: Noah Misch
Date:
Subject: Re: Popcount optimization using AVX512