Re: Fix overflow in DecodeInterval
Joseph Koshakow <koshy44@gmail.com>
From: Joseph Koshakow <koshy44@gmail.com>
To: Tom Lane <tgl@sss.pgh.pa.us>
Cc: Andres Freund <andres@anarazel.de>, PostgreSQL Hackers <pgsql-hackers@lists.postgresql.org>
Date: 2022-04-03T22:19:54Z
Lists: pgsql-hackers
On Sun, Apr 3, 2022 at 3:06 PM Tom Lane <tgl@sss.pgh.pa.us> wrote:
> That buildfarm machine is pretty slow, so I'm not in a hurry to test
> it manually either. However, now that we realize the issue is about
> whether strtod(".") produces EINVAL or not, I think we need to fix
> all the places in datetime.c that are risking that. After a bit of
> hacking I have the attached. (I think that the call sites for
> strtoint and its variants are not at risk of passing empty strings,
> so there's not need for concern there.)
>
> BTW, the way you had it coded would allow 'P.Y0M3DT4H5M6S', which
> I don't think we want to allow --- at least, that's rejected by v14
> on my machine.
Oh yeah, good catch. Your patch seems like it should
fix all the issues. Thanks again for the help!
- Joe Koshakow
Commits
-
Fix portability issues in datetime parsing.
- 591e088dd5b3 15.0 landed
-
Fix overflow hazards in interval input and output conversions.
- e39f99046710 15.0 landed
-
Add a couple more tests for interval input decoding.
- 1b208ebaf14e 15.0 landed