On 06/02/2015 06:47 PM, Andreas Seltenreich wrote:
> Tom Lane <tgl@sss.pgh.pa.us> writes:
>
>> Andreas Seltenreich <andreas.seltenreich@credativ.de> writes:
>>> The scary one is due to an integer overflow the attached patch also
>>> fixes.
>>
>> s/int/Size/ doesn't fix anything on 32-bit machines.
>
> Well, it changes the signedness of the computation on 32-bit, and in
> combination with the fact that "len" is always smaller than 2^32, but
> may exceed 2^31-1, the change avoids the dependency on the undefined
> behavior of signed integer overflows in C on 32-bit as well. But I
> admit that this might be a rather academic point...
>
Postgres requires twos-complement representation, so that the assumption
that signed integer types wrap around on overflow can be safely made.