Thread

Commits

  1. Guard against overflow in interval_mul() and interval_div().

  1. BUG #18200: Undefined behaviour in interval_div

    The Post Office <noreply@postgresql.org> — 2023-11-15T13:00:01Z

    The following bug has been logged on the website:
    
    Bug reference:      18200
    Logged by:          Alexander Lakhin
    Email address:      exclusion@gmail.com
    PostgreSQL version: 16.1
    Operating system:   Ubuntu 22.04
    Description:        
    
    The following query:
    SELECT interval '12000000 months' / 0.001;
    
    triggers an ubsan-detected error:
    timestamp.c:3408:18: runtime error: 1.2e+10 is outside the range of
    representable values of type 'int'
    
    Without ubsan the result is:
     -178956970 years -8 mons -2562047788:00:54.775808
    
    This bogus value returned on REL_15_STABLE .. master, but on e39f99046~1
    I get:
    ERROR:  interval out of range
    
    without ubsan. Though with the sanitizer I see the same complaint (and it
    can be seen on previous branches including REL_12_STABLE):
    timestamp.c:3318:18: runtime error: 1.2e+10 is outside the range of
    representable values of type 'int'
    
    
  2. Re: BUG #18200: Undefined behaviour in interval_div

    Laurenz Albe <laurenz.albe@cybertec.at> — 2023-11-15T17:23:08Z

    On Wed, 2023-11-15 at 13:00 +0000, PG Bug reporting form wrote:
    > The following query:
    > SELECT interval '12000000 months' / 0.001;
    > 
    > triggers an ubsan-detected error:
    > timestamp.c:3408:18: runtime error: 1.2e+10 is outside the range of
    > representable values of type 'int'
    > 
    > Without ubsan the result is:
    >  -178956970 years -8 mons -2562047788:00:54.775808
    
    How about the attached fix?
    
    Yours,
    Laurenz Albe
    
  3. Re: BUG #18200: Undefined behaviour in interval_div

    Dean Rasheed <dean.a.rasheed@gmail.com> — 2023-11-15T18:14:41Z

    On Wed, 15 Nov 2023 at 17:23, Laurenz Albe <laurenz.albe@cybertec.at> wrote:
    >
    > How about the attached fix?
    >
    
    I don't think that's sufficient -- interval_div() should have all the
    same overflow protections that interval_mul() has, since they're
    basically doing the same thing.
    
    However, I don't think that's sufficient either -- looking at
    interval_mul(), there is nothing to prevent integer overflow when
    cascading down, so additional checks are needed there too (in both
    functions).
    
    Regards,
    Dean
    
    
    
    
  4. Re: BUG #18200: Undefined behaviour in interval_div

    Dean Rasheed <dean.a.rasheed@gmail.com> — 2023-11-15T22:41:01Z

    On Wed, 15 Nov 2023 at 18:14, Dean Rasheed <dean.a.rasheed@gmail.com> wrote:
    >
    > looking at
    > interval_mul(), there is nothing to prevent integer overflow when
    > cascading down, so additional checks are needed there too (in both
    > functions).
    >
    
    Here's a patch doing that. I'm inclined to back-patch this, because
    this seems like something that's quite easily triggered, and returning
    bogus results is not good.
    
    Regards,
    Dean
    
  5. Re: BUG #18200: Undefined behaviour in interval_div

    Dean Rasheed <dean.a.rasheed@gmail.com> — 2023-11-18T15:16:16Z

    On Wed, 15 Nov 2023 at 22:41, Dean Rasheed <dean.a.rasheed@gmail.com> wrote:
    >
    > On Wed, 15 Nov 2023 at 18:14, Dean Rasheed <dean.a.rasheed@gmail.com> wrote:
    > >
    > > looking at
    > > interval_mul(), there is nothing to prevent integer overflow when
    > > cascading down, so additional checks are needed there too (in both
    > > functions).
    >
    > Here's a patch doing that. I'm inclined to back-patch this
    >
    
    Pushed and back-patched.
    
    Regards,
    Dean