Possible api misuse bms_next_member - Mailing list pgsql-hackers

From Ranier Vilela
Subject Possible api misuse bms_next_member
Date
Msg-id CAEudQArY8knw+jE=2NQQoStDqrOo8EoPR2R=g2rrXM1YOvtZ-Q@mail.gmail.com
Responses Re: Possible api misuse bms_next_member
List pgsql-hackers

Hi.

Per Coverity.

CID 1608872: (#1 of 1): Improper use of negative value (NEGATIVE_RETURNS)
32. negative_returns: bms_next_member(child_joinrel->relids, -1) is passed to a parameter that cannot be negative.

CID 1608871: (#1 of 1): Out-of-bounds access (OVERRUN)
32. overrun-buffer-arg: Calling add_child_eq_member with cur_ec->ec_childmembers and bms_next_member(child_joinrel->relids, -1) is suspicious because of the very large index, 4294967294. The index may be due to a negative parameter being interpreted as unsigned.


Coverity has two new reports about the use of the function *bms_next_member*.
I think that it is right.

The function bms_next_member can return a negative value.
So it is necessary to validate the function's return.

Attached are three patches.

1. src/backend/optimizer/path/equivclass.c
Source of the Coverity report.

Function: add_child_join_rel_equivalences
Check the return of bms_next_member and avoid
continuing if the return is negative.

2. src/backend/partitioning/partprune.c
Function: make_partition_pruneinfo
Check the return of bms_next_member and avoid look if
targetpart is not found.

3. contrib/postgres_fdw/postgres_fdw.c
Function: postgresBeginForeignScan
Check the return of bms_next_member and abort if it fails.

Function: postgresExplainForeignScan
Check the return of bms_next_member and abort if it fails.

The patches are attempts, not definitive fixes.

best regards,
Ranier Vilela
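
The return-value check the message calls for, as an added example that is not part of the original message or of the PostgreSQL source. `ToySet`, `toy_next_member`, `index_unchecked` and `lookup_first` are hypothetical stand-ins; the only behaviour taken from bms_next_member is that it returns -2 when no member is left, which is the value behind the 4294967294 index in the Coverity report.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define WORD_BITS 64

/* Toy fixed-size bit set (hypothetical stand-in, not PostgreSQL's Bitmapset). */
typedef struct { int nwords; uint64_t words[2]; } ToySet;

/* Smallest member greater than prevbit, or -2 when there is none
 * (the "no more members" convention of bms_next_member). */
static int toy_next_member(const ToySet *s, int prevbit)
{
    if (s == NULL)
        return -2;
    for (int bit = prevbit < 0 ? 0 : prevbit + 1; bit < s->nwords * WORD_BITS; bit++)
        if (s->words[bit / WORD_BITS] & (UINT64_C(1) << (bit % WORD_BITS)))
            return bit;
    return -2;
}

/* What the checker models: the int result converted to an unsigned index
 * without a test. For an empty set, -2 becomes 4294967294. */
static unsigned int index_unchecked(const ToySet *s)
{
    return (unsigned int) toy_next_member(s, -1);
}

/* Validated use: 0 and *out filled on success, -1 when the set is empty
 * or the member lies outside the table. */
static int lookup_first(const ToySet *s, const int *table, size_t ntable, int *out)
{
    int idx = toy_next_member(s, -1);

    if (idx < 0 || (size_t) idx >= ntable)
        return -1;
    *out = table[idx];
    return 0;
}

int main(void)
{
    ToySet empty = {2, {0, 0}};                 /* constructed sample: no members */
    int table[4] = {10, 11, 12, 13}, out = 0;

    printf("unchecked index for empty set: %u\n", index_unchecked(&empty));
    printf("validated lookup: %d\n", lookup_first(&empty, table, 4, &out));
    return 0;
}
```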