| From: | Ranier Vilela <ranier(dot)vf(at)gmail(dot)com> |
|---|---|
| To: | Nathan Bossart <nathandbossart(at)gmail(dot)com> |
| Cc: | Pg Hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Avoid possible overflow (src/port/bsearch_arg.c) |
| Date: | 2024-10-09 16:16:31 |
| Message-ID: | CAEudQAr8KZET1ogPnT7esb7YdYbmJyFZWo-OnP+FgoKeL+N31A@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Em ter., 8 de out. de 2024 às 18:28, Nathan Bossart <
nathandbossart(at)gmail(dot)com> escreveu:
> On Tue, Oct 08, 2024 at 04:09:00PM -0300, Ranier Vilela wrote:
> > The port function *bsearch_arg* mimics the C function
> > *bsearch*.
> >
> > The API signature is:
> > void *
> > bsearch_arg(const void *key, const void *base0,
> > size_t nmemb, size_t size,
> > int (*compar) (const void *, const void *, void *),
> > void *arg)
> >
> > So, the parameter *nmemb* is size_t.
> > Therefore, a call with nmemb greater than INT_MAX is possible.
> >
> > Internally the code uses the *int* type to iterate through the number of
> > members, which makes overflow possible.
>
> I traced this back to commit bfa2cee (v14), which both moved bsearch_arg()
> to its current location and adjusted the style a bit. Your patch looks
> reasonable to me.
>
Thanks for looking.
best regards,
Ranier Vilela
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Nathan Bossart | 2024-10-09 16:33:33 | Re: Remove deprecated -H option from oid2name |
| Previous Message | Andrew Dunstan | 2024-10-09 16:14:24 | Re: Should CSV parsing be stricter about mid-field quotes? |