Re: Avoid possible overflow (src/port/bsearch_arg.c)
Nathan Bossart <nathandbossart@gmail.com>
From: Nathan Bossart <nathandbossart@gmail.com>
To: Ranier Vilela <ranier.vf@gmail.com>
Cc: Pg Hackers <pgsql-hackers@postgresql.org>
Date: 2024-10-08T21:28:37Z
Lists: pgsql-hackers
On Tue, Oct 08, 2024 at 04:09:00PM -0300, Ranier Vilela wrote: > The port function *bsearch_arg* mimics the C function > *bsearch*. > > The API signature is: > void * > bsearch_arg(const void *key, const void *base0, > size_t nmemb, size_t size, > int (*compar) (const void *, const void *, void *), > void *arg) > > So, the parameter *nmemb* is size_t. > Therefore, a call with nmemb greater than INT_MAX is possible. > > Internally the code uses the *int* type to iterate through the number of > members, which makes overflow possible. I traced this back to commit bfa2cee (v14), which both moved bsearch_arg() to its current location and adjusted the style a bit. Your patch looks reasonable to me. -- nathan
Commits
-
Fix overflow in bsearch_arg() with more than INT_MAX elements
- 55327256a049 14.14 landed
- 07ca2d4110d4 15.9 landed
- 211e6a5b2b26 16.5 landed
- 22b914121ad8 17.1 landed
- de5afddc3ba4 18.0 landed
-
Fix typos and grammar in comments and docs
- 7ef8b52cf079 14.0 cited
-
Move bsearch_arg to src/port
- bfa2cee78412 14.0 cited