| From: | Ranier Vilela <ranier(dot)vf(at)gmail(dot)com> |
|---|---|
| To: | David Rowley <dgrowleyml(at)gmail(dot)com> |
| Cc: | Pg Hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Fix out-of-bounds in the function GetCommandTagName |
| Date: | 2024-04-15 00:12:31 |
| Message-ID: | CAEudQAot64qDbctM7ztQCV3+LdqWGTVFLoFGMGAvxj8LmmtuvQ@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Em dom., 14 de abr. de 2024 às 20:38, David Rowley <dgrowleyml(at)gmail(dot)com>
escreveu:
> On Mon, 15 Apr 2024 at 11:17, Ranier Vilela <ranier(dot)vf(at)gmail(dot)com> wrote:
> > Coverity has reported some out-of-bounds bugs
> > related to the GetCommandTagName function.
> >
> > The size of the array is defined by COMMAND_TAG_NEXTTAG enum,
> > whose value currently corresponds to 193.
> > Since enum items are evaluated starting at zero, by default.
>
> I think the change makes sense. I don't see any good reason to define
> COMMAND_TAG_NEXTTAG or force the compiler's hand when it comes to
> sizing that array.
>
> Clearly, Coverity does not understand that we'll never call any of
> those GetCommandTag* functions with COMMAND_TAG_NEXTTAG.
>
I think that Coverity understood it this way because when
including COMMAND_TAG_NEXTTAG, in the enum definition,
led to 193 items, and the last item in the array is currently 192.
> > Patch attached.
>
> You seem to have forgotten to attach it, but my comments above were
> written with the assumption that the patch is what I've attached here.
>
Yes, I actually forgot.
+1 for your patch.
best regards,
Ranier Vilela
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Peter Geoghegan | 2024-04-15 00:22:03 | Re: Stability of queryid in minor versions |
| Previous Message | Michael Paquier | 2024-04-15 00:04:07 | Re: Stability of queryid in minor versions |