database/postgres
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2025-07-02 09:02:37 +03:00
Code Activity

Tighten overflow checks in tidin().

Browse Source 
This code seems to have been written on the assumption that
"unsigned long" is 32 bits; or at any rate it ignored the
possibility of conversion overflow.  Rewrite, borrowing some
logic from oidin().

Discussion: https://postgr.es/m/3441768.1646343914@sss.pgh.pa.us
This commit is contained in:
Tom Lane
2022-03-03 20:03:47 -05:00
parent b3c8aae008
commit f7ea240aa7
3 changed files with 52 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
src/backend/utils/adt/tid.c
View File

@ -64,10 +64,10 @@ tidin(PG_FUNCTION_ARGS)
BlockNumber blockNumber;
OffsetNumber offsetNumber;
char *badp;
int hold_offset;
unsigned long cvt;
for (i = 0, p = str; *p && i < NTIDARGS && *p != RDELIM; p++)
if (*p == DELIM || (*p == LDELIM && !i))
if (*p == DELIM || (*p == LDELIM && i == 0))
coord[i++] = p + 1;
if (i < NTIDARGS)
@ -77,22 +77,36 @@ tidin(PG_FUNCTION_ARGS)
"tid", str)));
errno = 0;
blockNumber = strtoul(coord[0], &badp, 10);
cvt = strtoul(coord[0], &badp, 10);
if (errno || *badp != DELIM)
ereport(ERROR,
(errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
errmsg("invalid input syntax for type %s: \"%s\"",
"tid", str)));
blockNumber = (BlockNumber) cvt;
hold_offset = strtol(coord[1], &badp, 10);
if (errno || *badp != RDELIM ||
hold_offset > USHRT_MAX || hold_offset < 0)
/*
* Cope with possibility that unsigned long is wider than BlockNumber, in
* which case strtoul will not raise an error for some values that are out
* of the range of BlockNumber. (See similar code in oidin().)
*/
#if SIZEOF_LONG > 4
if (cvt != (unsigned long) blockNumber &&
cvt != (unsigned long) ((int32) blockNumber))
ereport(ERROR,
(errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
errmsg("invalid input syntax for type %s: \"%s\"",
"tid", str)));
#endif
offsetNumber = hold_offset;
cvt = strtoul(coord[1], &badp, 10);
if (errno || *badp != RDELIM ||
cvt > USHRT_MAX)
ereport(ERROR,
(errcode(ERRCODE_INVALID_TEXT_REPRESENTATION),
errmsg("invalid input syntax for type %s: \"%s\"",
"tid", str)));
offsetNumber = (OffsetNumber) cvt;
result = (ItemPointer) palloc(sizeof(ItemPointerData));