git.postgresql.org Git - postgresql.git/commitdiff

git projects / postgresql.git / commitdiff

Add Asserts to validate prevbit values in bms_prev_member

author David Rowley <drowley@postgresql.org>

2025年8月15日 04:33:07 +0000 (16:33 +1200)

committer David Rowley <drowley@postgresql.org>

2025年8月15日 04:33:07 +0000 (16:33 +1200)

bms_prev_member() could attempt to access memory outside of the words[]
array in cases where the prevbit was a number < -1 or > a->nwords *
BITS_PER_BITMAPWORD + 1.

Here we add the Asserts to help draw attention to bogus callers so we're
more likely to catch them during development.

In passing, fix wording of bms_prev_member's header comment which talks
about how we expect the callers to ensure only valid prevbit values are
used.

Author: Greg Burd <greg@burd.me>
Reviewed-by: David Rowley <dgrowleyml@gmail.com>
Reviewed-by: Tom Lane <tgl@sss.pgh.pa.us>
Discussion: https://postgr.es/m/2000A717-1FFE-4031-827B-9330FB2E9065%40getmailspring.com

src/backend/nodes/bitmapset.c patch | blob | blame | history

diff --git a/src/backend/nodes/bitmapset.c b/src/backend/nodes/bitmapset.c

index bf512cf806ff7784d341a18e771e32e2a8f146cd..b4ecf0b0390179481e3aad8228294d4e45c126dc 100644 (file)

--- a/src/backend/nodes/bitmapset.c

+++ b/src/backend/nodes/bitmapset.c

@@ -1343,7 +1343,7 @@ bms_next_member(const Bitmapset *a, int prevbit)

* Returns largest member less than "prevbit", or -2 if there is none.

* "prevbit" must NOT be more than one above the highest possible bit that can

- * be set at the Bitmapset at its current size.

+ * be set in the Bitmapset at its current size.

* To ease finding the highest set bit for the initial loop, the special

* prevbit value of -1 can be passed to have the function find the highest