Thread: [PATCH] Fix potential overflow in binary search mid calculation
Dear PostgreSQL Developers,
I have identified a potential integer overflow issue in the binary search implementation within the DSA size class lookup code.
Issue Description
In the current implementation, the calculation of mid is performed as:
uint16 mid = (max + min) / 2;Since both max and min are of type uint16, adding them together may exceed 65535, leading to an overflow and incorrect behavior in the binary search logic. This could result in incorrect indexing into the dsa_size_classes array.
Proposed Fix
To prevent this overflow, we should use the alternative calculation method:
uint16 mid = min + (max - min) / 2;This approach ensures that (max - min) does not exceed 65535, preventing the addition from overflowing while still correctly computing the middle index.
Patch
A patch implementing this fix is attached.
Attachment
Dear PostgreSQL Developers,
I have identified a potential integer overflow issue in the binary search implementation within the DSA size class lookup code.
Issue Description
In the current implementation, the calculation of
midis performed as:uint16 mid = (max + min) / 2;Since both
maxandminare of typeuint16, adding them together may exceed65535, leading to an overflow and incorrect behavior in the binary search logic. This could result in incorrect indexing into thedsa_size_classesarray.
Proposed Fix
To prevent this overflow, we should use the alternative calculation method:
uint16 mid = min + (max - min) / 2;This approach ensures that
(max - min)does not exceed65535, preventing the addition from overflowing while still correctly computing the middle index.Patch
A patch implementing this fix is attached.