mirror of
				https://github.com/postgres/postgres.git
				synced 2025-10-25 13:17:41 +03:00 
			
		
		
		
	Fix overflow check in StringInfo; add missing casts
A few thinkos I introduced in fa2fa99552.  Also, amend a similarly
broken comment.
Report by Daniel Vérité.
Authors: Daniel Vérité, Álvaro Herrera
Discussion: https://postgr.es/m/1706e85e-60d2-494e-8a64-9af1e1b2186e@manitou-mail.org
			
			
This commit is contained in:
		| @@ -313,19 +313,20 @@ enlargeStringInfo(StringInfo str, int needed) | ||||
| 	 * for efficiency, double the buffer size each time it overflows. | ||||
| 	 * Actually, we might need to more than double it if 'needed' is big... | ||||
| 	 */ | ||||
| 	newlen = 2 * str->maxlen; | ||||
| 	while (needed > newlen) | ||||
| 	newlen = 2 * (Size) str->maxlen; | ||||
| 	while ((Size) needed > newlen) | ||||
| 		newlen = 2 * newlen; | ||||
|  | ||||
| 	/* | ||||
| 	 * Clamp to the limit in case we went past it.  Note we are assuming here | ||||
| 	 * that limit <= INT_MAX/2, else the above loop could overflow.  We will | ||||
| 	 * still have newlen >= needed. | ||||
| 	 * Clamp to the limit in case we went past it.  (We used to depend on | ||||
| 	 * limit <= INT32_MAX/2, to avoid overflow in the loop above; we no longer | ||||
| 	 * depend on that, but if "needed" and str->maxlen ever become wider, we | ||||
| 	 * will need similar caution here.)  We will still have newlen >= needed. | ||||
| 	 */ | ||||
| 	if (newlen > limit) | ||||
| 		newlen = limit; | ||||
|  | ||||
| 	str->data = (char *) repalloc_huge(str->data, (Size) newlen); | ||||
| 	str->data = (char *) repalloc_huge(str->data, newlen); | ||||
|  | ||||
| 	str->maxlen = newlen; | ||||
| } | ||||
|   | ||||
		Reference in New Issue
	
	Block a user