Re: [Patch] Fix bounds check in trim_array()

Nathan Bossart <nathandbossart(at)gmail(dot)com> writes:
> On Mon, Jul 25, 2022 at 04:40:51PM +0200, Martin Kalcher wrote:
>> +SELECT trim_array(ARRAY[]::int[], 1); -- fail
>> +ERROR: number of elements to trim must be between 0 and 0

> Can we improve the error message? Maybe it should look something like
> ERROR: number of elements to trim must be 0
> for this case.

Hmm, I'm unexcited about making our long-suffering translators
deal with another translatable string for such a corner case.
I think it's fine as-is.

A bigger problem is that a little further down, there's an equally
unprotected reference to ARR_LBOUND(v)[0]. Now, the fact that that
expression computes garbage doesn't matter too much, because AFAICS
if the array is zero-D then array_get_slice is going to exit at

if (ndim < nSubscripts || ndim <= 0 || ndim > MAXDIM)
return PointerGetDatum(construct_empty_array(elemtype));

without ever examining its upperIndx[] argument. However,
once we put in a test case covering this behavior, I bet that
valgrind-using buildfarm animals will start to bleat about the
invalid memory access. I think the easiest fix is like

if (ARR_NDIM(v) > 0)
{
upper[0] = ARR_LBOUND(v)[0] + array_length - n - 1;
upperProvided[0] = true;
}

It'd be good to get this fix into next week's minor releases,
so I'll go push it.

regards, tom lane