ARRNELEMS Out-of-bounds possible errors - Mailing list pgsql-hackers

From Ranier Vilela
Subject ARRNELEMS Out-of-bounds possible errors
Date
Msg-id CAEudQAqV78KwACTqN1DGGFZ_n+crst-p3EFQDVE8kc-mtpu_bA@mail.gmail.com
Responses Re: ARRNELEMS Out-of-bounds possible errors  (Nikita Malakhov <hukutoc@gmail.com>)
Re: ARRNELEMS Out-of-bounds possible errors  (Kyotaro Horiguchi <horikyota.ntt@gmail.com>)
List pgsql-hackers
Hi.

Per Coverity.

The commit ccff2d2 changed the behavior of the function ArrayGetNItems,
with the introduction of the function ArrayGetNItemsSafe.

Now ArrayGetNItems may return -1, according to the comment.
" instead of throwing an exception. -1 is returned after an error."

So the macro ARRNELEMS can fail entirely with a -1 return,
resulting in code failing to use it without checking the function return.

Like (contrib/intarray/_int_gist.c):
    {
        int nel;

        nel = ARRNELEMS(ent);
        memcpy(ptr, ARRPTR(ent), nel * sizeof(int32));
    }

Sources possibly affected:
contrib\cube\cube.c
contrib\intarray\_intbig_gist.c
contrib\intarray\_int_bool.c
contrib\intarray\_int_gin.c
contrib\intarray\_int_gist.c
contrib\intarray\_int_op.c
contrib\intarray\_int_tool.c:

Thoughts?

regards,
Ranier Vilela
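
Added example, not part of the original message and not PostgreSQL code: it shows what size memcpy would receive if a count of -1 did reach an expression like `nel * sizeof(int32)` from the snippet quoted above, next to a copy helper that rejects such a count. The names unchecked_copy_size, checked_copy_int32 and demo_copy are hypothetical, and the arrays are constructed sample data.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Size memcpy would be handed by `nel * sizeof(int32)`, as in the quoted snippet. */
static size_t unchecked_copy_size(int nel)
{
    /* nel is converted to size_t before the multiply, so -1 wraps to a huge value. */
    return nel * sizeof(int32_t);
}

/*
 * Hypothetical helper: copy nel elements only if the count is non-negative
 * and fits in the destination. Returns 0 on success, -1 if rejected.
 */
static int checked_copy_int32(int32_t *dst, size_t dst_cap,
                              const int32_t *src, int nel)
{
    if (nel < 0 || (size_t) nel > dst_cap)
        return -1;
    memcpy(dst, src, (size_t) nel * sizeof(int32_t));
    return 0;
}

/* Constructed sample data: 4-element source and destination arrays. */
static int demo_copy(int nel)
{
    const int32_t src[4] = {10, 20, 30, 40};
    int32_t dst[4] = {0};

    if (checked_copy_int32(dst, 4, src, nel) != 0)
        return -1;                      /* count rejected, nothing copied */
    return nel > 0 ? (int) dst[nel - 1] : 0;
}

int main(void)
{
    printf("size for nel=-1: %zu bytes\n", unchecked_copy_size(-1));
    printf("checked copy, nel=-1: %d\n", demo_copy(-1));
    printf("checked copy, nel=3, last element: %d\n", demo_copy(3));
    return 0;
}
```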
