Re: BUG #18585: Date/time conversion functions are not protected against integer overflow

PG Bug reporting form <noreply(at)postgresql(dot)org> writes:
> The date/time conversion functions do_to_timestamp(), DCH_from_char(),
> ... lack reliable checks for integer overflow in the input components.
...
> (A couple of such anomalies were noticed at
>
https://www.postgresql.org/message-id/31ad2cd1-db94-bdb3-f91a-65ffdb4bef95%40gmail.com
,
> but as these ones trigger an incorrect behaviour even without -ftrapv and
> in the back branches, maybe it's better to fix these defects separately.)

The "v25-0001-Remove-dependence-on-fwrapv-semantics-in-some-da.patch"
patch in the linked thread above actually resolves some of these
issues. I took a brief look and it looks like most (possibly all) of
the remaining issues are due to unchecked arithmetic in the
`do_to_timestamp()` function in `formatting.c`. To resolve these issues
I would suggest someone go through that function and replace any
arithmetic that might overflow with the overflow-aware routines in
`int.h`. There are plenty of examples already in the
`do_to_timestamp()` function.

On Sun, Aug 18, 2024 at 12:53 PM Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
>
> If anybody does feel excited about the topic, I'm not going to stand
> in their way ... but I'm not excited.

I similarly do not plan on working on this but wanted to post the above
information for anyone who is interested.

Thanks,
Joseph Koshakow