Re: Money type does not detect over/underflow unlike int/int8

At Tue, 04 Apr 2017 12:52:47 -0400, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote in <18086(dot)1491324767(at)sss(dot)pgh(dot)pa(dot)us>
> Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com> writes:
> > On 3/31/17 19:03, Yasuo Ohgaki wrote:
> >> However, money type does not detect over/underflow and results in
> >> strange results.
>
> > This has been fixed in PostgreSQL 10. Please test.
>
> I think the only thing that's actually gotten done is fixing cash_in
> to reject out-of-range input values. Somebody ought to fix all the
> money arithmetic functions to notice overflow, too; though I'm not
> very clear what would be a good strategy in places like cash_mul_flt8,
> where you couldn't count on an exact result.

I suppose that the result of them is not precisely defined, so
just converting the float into int64 will be enough, of course
after some range check. Anyway the result also cannot exceed the
limit of int64. After that, cheking overflow is a simple job.

# than handling signed values split into two parts... maybe.

Roughly something like this.

cash_mul_flt8(PG_FUNCTION_ARGS)
{
Cash c = PG_GETARG_CASH(0);
float8 f = PG_GETARG_FLOAT8(1);
Cash result;

if (f >= CASH_MAX / 100 || f <= CASH_MIN / 100)
ereport("out of range");

result = (Cash)f * 100;
if ((c > 0 && CASH_MAX / c <= result) ||
(c < 0 && CASH_MIN / c >= result))
ereport("overflow");

result *= c;
PG_RETURN_CASH(result);
}

regards,

--
Kyotaro Horiguchi
NTT Open Source Software Center