database/postgres
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2025-06-27 23:21:58 +03:00
Code Activity

Ensure that snprintf.c's fmtint() doesn't overflow when printing INT64_MIN.

Browse Source 
This isn't actually a live bug, as the output happens to be the
same.  But it upsets tools like UBSan, which makes it worthwhile to
fix.

As it's an issue without practical consequences, don't backpatch.

Author: Andres Freund
Discussion: https://postgr.es/m/20180928001121.hhx5n6dsygqxr5wu@alap3.anarazel.de
This commit is contained in:
Andres Freund
2018-10-03 13:02:25 -07:00
parent 9a3cebeaa7
commit 4868e44685
1 changed files with 4 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
src/port/snprintf.c
View File

@ -1007,6 +1007,7 @@ fmtint(long long value, char type, int forcesign, int leftjust,
PrintfTarget *target) PrintfTarget *target)
{ {
unsigned long long base; unsigned long long base;
unsigned long long uvalue;
int dosign; int dosign;
const char *cvt = "0123456789abcdef"; const char *cvt = "0123456789abcdef";
int signvalue = 0; int signvalue = 0;
@ -1045,7 +1046,9 @@ fmtint(long long value, char type, int forcesign, int leftjust,
/* Handle +/- */ /* Handle +/- */
if (dosign && adjust_sign((value < 0), forcesign, &signvalue)) if (dosign && adjust_sign((value < 0), forcesign, &signvalue))
value = -value; uvalue = -(uint64) value;
else
uvalue = (uint64) value;
/* /*
* SUS: the result of converting 0 with an explicit precision of 0 is no * SUS: the result of converting 0 with an explicit precision of 0 is no
@ -1056,8 +1059,6 @@ fmtint(long long value, char type, int forcesign, int leftjust,
else else
{ {
/* make integer string */ /* make integer string */
unsigned long long uvalue = (unsigned long long) value;
do do
{ {
convert[sizeof(convert) - (++vallen)] = cvt[uvalue % base]; convert[sizeof(convert) - (++vallen)] = cvt[uvalue % base];