Home > mailing lists

Re: [PATCH] bms_prev_member() can read beyond the end of the array of allocated words - Mailing list pgsql-hackers

From	Greg Burd
Subject	Re: [PATCH] bms_prev_member() can read beyond the end of the array of allocated words
Date	August 14 18:58:26
Msg-id	833EA934-B153-4929-90DF-97DE49887932@getmailspring.com Whole thread Raw
In response to	Re: [PATCH] bms_prev_member() can read beyond the end of the array of allocated words (David Rowley <dgrowleyml@gmail.com>)
List	pgsql-hackers

Tree view

On Aug 14 2025, at 11:49 am, David Rowley <dgrowleyml@gmail.com> wrote:

> On Fri, 15 Aug 2025 at 03:43, Greg Burd <greg@burd.me> wrote:
>> Well, that was rushed.  Apologies.
> 
> Would you be ok with adding the Assert after the "a == NULL" check?, i.e:
> 
> if (a == NULL || prevbit == 0)
>    return -2;
> 
> /* Validate callers didn't give us something out of range */
> Assert(prevbit <= a->nwords * BITS_PER_BITMAPWORD);
> 
> David

Good thinking, less contorted logic and a more obvious check for NULL
and the result to expect in that case.

-greg

Attachment

v5-0001-Prevent-bms_prev_member-from-reading-beyond-the-e.patch

pgsql-hackers by date:

From: Tom Lane
Date: 14 August, 18:53:56
Subject: Re: [Feature request] Add a way to get the length of a PQerrorMessage in libpq

From: David Rowley
Date: 14 August, 18:59:20
Subject: Re: [PATCH] bms_prev_member() can read beyond the end of the array of allocated words

Re: [PATCH] bms_prev_member() can read beyond the end of the array of allocated words - Mailing list pgsql-hackers

Attachment

Previous

Next