Fix overflow in parsing of positional parameter

Replace atol with pg_strtoint32_safe in the backend parser and with strtoint in ECPG to reject overflows when parsing the number of a positional parameter. With atol from glibc, parameters $2147483648 and $4294967297 turn into $-2147483648 and $1, respectively. Author: Erik Wienhold <ewie@ewie.name> Reviewed-by: Michael Paquier <michael@paquier.xyz> Reviewed-by: Peter Eisentraut <peter@eisentraut.org> Reviewed-by: Alexander Lakhin <exclusion@gmail.com> Discussion: https://www.postgresql.org/message-id/flat/5d216d1c-91f6-4cbe-95e2-b4cbd930520c@ewie.name
author: Peter Eisentraut 2024-07-02 07:16:36 +0000
committer: Peter Eisentraut 2024-07-02 07:29:26 +0000
commit: d35cd061998434747c0d1c0f6f2aa1f736f0edb4 (patch)
tree: 36ed3648c04c61639f7ee19a00a6698042093c13 /src/interfaces/ecpg
parent: 4867f8a555cea1bc6de1726b0030896aa4cd3c70 (diff)
1 files changed, 7 insertions, 1 deletions
diff --git a/src/interfaces/ecpg/preproc/pgc.l b/src/interfaces/ecpg/preproc/pgc.l
index f9d68a96e79..27261f42d8d 100644
--- a/src/interfaces/ecpg/preproc/pgc.l
+++ b/src/interfaces/ecpg/preproc/pgc.l
@@ -938,7 +938,13 @@ cppline			{space}*#([^i][A-Za-z]*|{if}|{ifdef}|{ifndef}|{import})((\/\*[^*/]*\*+
 				}
 
 {param}			{
-					base_yylval.ival = atol(yytext+1);
+					int			val;
+
+					errno = 0;
+					val = strtoint(yytext + 1, NULL, 10);
+					if (errno == ERANGE)
+						mmfatal(PARSE_ERROR, "parameter number too large");
+					base_yylval.ival = val;
 					return PARAM;
 				}
 {param_junk}	{
author	Peter Eisentraut	2024-07-02 07:16:36 +0000
committer	Peter Eisentraut	2024-07-02 07:29:26 +0000
commit	d35cd061998434747c0d1c0f6f2aa1f736f0edb4 (patch)
tree	36ed3648c04c61639f7ee19a00a6698042093c13 /src/interfaces/ecpg
parent	4867f8a555cea1bc6de1726b0030896aa4cd3c70 (diff)