| From: | Oleg Tselebrovskiy <o(dot)tselebrovskiy(at)postgrespro(dot)ru> |
|---|---|
| To: | pgsql-hackers(at)postgresql(dot)org |
| Subject: | BRIN integer overflow |
| Date: | 2024-02-21 05:40:59 |
| Message-ID: | 299898ccd43fcdc32226478a0a3b4ac8@postgrespro.ru |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Greetings, everyone!
While analyzing output of Svace static analyzer [1] I've found a bug
Function bringetbitmap that is used in BRIN's IndexAmRoutine should
return an
int64 value, but the actual return value is int, since totalpages is int
and
totalpages * 10 is also int. This could lead to integer overflow
I suggest to change totalpages to be int64 to avoid potential overflow.
Also in all other "amgetbitmap functions" (such as hashgetbitmap,
gistgetbitmap,
gingetbitmap, blgetbitmap) the return value is of correct int64 type
The proposed patch is attached
[1] - https://svace.pages.ispras.ru/svace-website/en/
Oleg Tselebrovskiy, Postgres Pro
| Attachment | Content-Type | Size |
|---|---|---|
| brin_integer_overflow_fix.patch | text/x-diff | 457 bytes |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Michael Paquier | 2024-02-21 06:26:12 | Re: Add lookup table for replication slot invalidation causes |
| Previous Message | Andrew Dunstan | 2024-02-21 05:32:07 | Re: WIP Incremental JSON Parser |