On Fri, Nov 22, 2024 at 02:23:47PM -0500, Tom Lane wrote:
> + if (strlen(dbname) < NAMEDATALEN)
> + {
> + /* Typical, easy case: no truncation needed */
> + tuple = GetDatabaseTupleInternal(relation, dbname);
> + }
> + else if (!IS_HIGHBIT_SET(dbname[NAMEDATALEN - 1]) ||
> + !IS_HIGHBIT_SET(dbname[NAMEDATALEN - 2]))
> + {
> + /* Also easy: truncation at NAMEDATALEN - 1 cannot break an MB char */
> + memcpy(tname, dbname, sizeof(tname));
> + tname[NAMEDATALEN - 1] = '\0';
> + tuple = GetDatabaseTupleInternal(relation, tname);
I had some time to think about this issue and I now realize the test
above is correct, but I couldn't figure out why it was correct before.
If we want to use this test, which I now think is fine, I suggest the
following comment:
If we put a NULL byte at byte offset NAMEDATALEN - 1, we don't want
to break a multi-byte character when doing this. If byte offset
NAMEDATALEN - 1 does not have its high bit set, we can be sure
we will not break a multi-byte character during the overwrite.
Also, if NAMEDATALEN - 2 does not have its high bit set, then
NAMEDATALEN - 1 is either a single-byte non-ASCII character,
or is the _start_ of a multi-byte character, so it is also safe
to overwrite it without breaking a multi-byte character.
Sorry I did not figure this out earlier.
--
Bruce Momjian <bruce@momjian.us> https://momjian.us
EDB https://enterprisedb.com
When a patient asks the doctor, "Am I going to die?", he means
"Am I going to die soon?"
