Michael Fuhr <mike@fuhr.org> writes:
> Hmmm...the PostgreSQL binaries on my Solaris/sparc box are 32-bit
> and the FreeBSD box is a 32-bit i386, yet both are susceptible to
> the crash.
On looking at it, the problem is that the functions are defined in such
a way that you can pass any random integer value to int_agg_final_array(),
and it'll try to interpret that as a pointer. So (a) it definitely
cannot work on 64-bit-pointer machines, and (b) it's trivial to crash it
by passing a number that's not a pointer.
The code should be rewritten by someone who has the skill to program
their way out of a paper bag :-( but I don't think there is time for a
proper fix right now. What I'm inclined to do as a stopgap is just to
revoke all privileges from public on the two component functions of the
aggregate, since there is no particularly good reason to allow them to
be called directly anyway.
regards, tom lane
