git.postgresql.org Git - postgresql.git/commitdiff

git projects / postgresql.git / commitdiff

Fix overflow danger in SampleHeapTupleVisible(), take 2

author Melanie Plageman <melanieplageman@gmail.com>

2024年12月20日 14:41:41 +0000 (09:41 -0500)

committer Melanie Plageman <melanieplageman@gmail.com>

2024年12月20日 14:43:44 +0000 (09:43 -0500)

28328ec87b45725 addressed one overflow danger in
SampleHeapTupleVisible() but introduced another, albeit a less likely
one. Modify the binary search code to remove this danger.

Reported-by: Richard Guo
Reviewed-by: Richard Guo, Ranier Vilela
Discussion: https://postgr.es/m/CAMbWs4_bE%2BNscChbKWzw6HZOipCUyXfA5133qvoXQ654D3B2gQ%40mail.gmail.com

src/backend/access/heap/heapam_handler.c patch | blob | blame | history

diff --git a/src/backend/access/heap/heapam_handler.c b/src/backend/access/heap/heapam_handler.c

index 9f17baea5d6ecec7f84b699c597d8065aca75d1c..53f572f384b70a2e99b1d18c0007ab3c1385773a 100644 (file)

--- a/src/backend/access/heap/heapam_handler.c

+++ b/src/backend/access/heap/heapam_handler.c

@@ -2574,11 +2574,8 @@ SampleHeapTupleVisible(TableScanDesc scan, Buffer buffer,

if (scan->rs_flags & SO_ALLOW_PAGEMODE)

{

- uint32 start,

- end;

- if (hscan->rs_ntuples == 0)

- return false;

+ uint32 start = 0,

+ end = hscan->rs_ntuples;

* In pageatatime mode, heap_prepare_pagescan() already did visibility

@@ -2589,18 +2586,15 @@ SampleHeapTupleVisible(TableScanDesc scan, Buffer buffer,

* in increasing order, but it's not clear that there would be enough

* gain to justify the restriction.

- start = 0;

- end = hscan->rs_ntuples - 1;

- while (start <= end)

+ while (start < end)

{

- uint32 mid = (start + end) / 2;

+ uint32 mid = start + (end - start) / 2;

OffsetNumber curoffset = hscan->rs_vistuples[mid];

if (tupoffset == curoffset)

return true;

else if (tupoffset < curoffset)

- end = mid - 1;

+ end = mid;

else

start = mid + 1;

}

This is the main PostgreSQL git repository.

RSS Atom