Home > mailing lists

pgsql: Detect integer overflow in array_set_slice(). - Mailing list pgsql-committers

From	Nathan Bossart
Subject	pgsql: Detect integer overflow in array_set_slice().
Date	July 24 06:02:33
Msg-id	E1sWSGv-000vk6-8X@gemulon.postgresql.org Whole thread Raw
List	pgsql-committers

Tree view

Detect integer overflow in array_set_slice().

When provided an empty initial array, array_set_slice() fails to
check for overflow when computing the new array's dimensions.
While such overflows are ordinarily caught by ArrayGetNItems(),
commands with the following form are accepted:

        INSERT INTO t (i[-2147483648:2147483647]) VALUES ('{}');

To fix, perform the hazardous computations using overflow-detecting
arithmetic routines.  As with commit 18b585155a, the added test
cases generate errors that include a platform-dependent value, so
we again use psql's VERBOSITY parameter to suppress printing the
message text.

Reported-by: Alexander Lakhin
Author: Joseph Koshakow
Reviewed-by: Jian He
Discussion: https://postgr.es/m/31ad2cd1-db94-bdb3-f91a-65ffdb4bef95%40gmail.com
Backpatch-through: 12

Branch
------
REL_12_STABLE

Details
-------
https://git.postgresql.org/pg/commitdiff/878e8c6be7ab2523b3dcbe238578e95162f521e9

Modified Files
--------------
src/backend/utils/adt/arrayfuncs.c   | 9 ++++++++-
src/test/regress/expected/arrays.out | 4 ++++
src/test/regress/sql/arrays.sql      | 2 ++
3 files changed, 14 insertions(+), 1 deletion(-)

pgsql-committers by date:

From: Peter Eisentraut
Date: 23 July, 16:15:02
Subject: pgsql: Move extern declarations for EXEC_BACKEND to header files

From: Peter Eisentraut
Date: 24 July, 07:36:16
Subject: pgsql: Move all extern declarations for GUC variables to header files

pgsql: Detect integer overflow in array_set_slice(). - Mailing list pgsql-committers

Previous

Next