Re: BUG #19405: Assertion in eval_windowaggregates() fails due to integer overflow
Richard Guo <guofenglinux@gmail.com>
From: Richard Guo <guofenglinux@gmail.com>
To: Alexander Lakhin <exclusion@gmail.com>
Cc: pgsql-bugs@lists.postgresql.org
Date: 2026-02-14T13:44:48Z
Lists: pgsql-bugs
Attachments
- v2-0001-Fix-signed-integer-overflow-in-nodeWindowAgg.c.patch (application/octet-stream) patch v2-0001
On Sat, Feb 14, 2026 at 8:00 PM Richard Guo <guofenglinux@gmail.com> wrote: > Right, I noticed this one too. Basically, nodeWindowAgg.c doesn't > check for overflow when adding startOffsetValue or endOffsetValue. > Since these values are provided by the user and can be arbitrarily > large, simple addition does not seem safe. I think we may need to > switch to overflow-aware integer operations in all relevant code. Here is an updated patch to fix all relevant code in nodeWindowAgg.c. - Richard
Commits
-
Fix integer overflow in nodeWindowAgg.c
- 305cf0df0c78 14.23 landed
- 4da71fc37a20 15.18 landed
- 0fe032e6a666 16.14 landed
- f8736f8bc531 17.10 landed
- bfc7dff26d53 18.4 landed
- 8b6c89e377b5 19 (unreleased) landed