On 21 September 2015 at 17:14, Tom Lane <tgl@sss.pgh.pa.us> wrote:
> Dean Rasheed <dean.a.rasheed@gmail.com> writes:
>> On 21 September 2015 at 16:09, Tom Lane <tgl@sss.pgh.pa.us> wrote:
>>> After trying to rework the comment to explain what maxdig really meant
>>> after your changes, I came to the conclusion that it'd be better to do
>>> it as per attached. Does this look sane to you?
>
>> Yes that looks better. It's still the same amount of extra headroom
>> (21), but I think it's clearer your way.
>
> OK, pushed (after further hacking on the comment ...)
>
> regards, tom lane
I just noticed that div_var_fast() has almost identical code, and so
in principle it has the same vulnerability, although it obviously only
affects the transcendental functions.
I don't actually have a test case that triggers it, but it's basically
the same algorithm, so logically it needs the same additional headroom
to avoid a possible overflow.
Regards,
Dean
