Add runtime checks for number of query parameters passed to libpq functions.

The maximum number of parameters supported by the FE/BE protocol is 65535,
as it's transmitted as a 16-bit unsigned integer. However, the nParams
arguments to libpq functions are all of type 'int'. We can't change the
signature of libpq functions, but a simple bounds check is in order to make
it more clear what's going wrong if you try to pass more than 65535
parameters.

Per complaint from Jim Vanns.

diff --git a/src/interfaces/libpq/fe-exec.c b/src/interfaces/libpq/fe-exec.c
index 53516db723492f11fc9f4bdc6d4d351693c4c22f..77124efe779656f49f8bb028378d351bfcb0e8a7 100644 (file)
--- a/src/interfaces/libpq/fe-exec.c
+++ b/src/interfaces/libpq/fe-exec.c
@@ -1113,6 +1113,7 @@ PQsendQuery(PGconn *conn, const char *query)
    if (!PQsendQueryStart(conn))
        return 0;
 
+   /* check the argument */
    if (!query)
    {
        printfPQExpBuffer(&conn->errorMessage,
@@ -1170,12 +1171,19 @@ PQsendQueryParams(PGconn *conn,
    if (!PQsendQueryStart(conn))
        return 0;
 
+   /* check the arguments */
    if (!command)
    {
        printfPQExpBuffer(&conn->errorMessage,
                        libpq_gettext("command string is a null pointer\n"));
        return 0;
    }
+   if (nParams < 0 || nParams > 65535)
+   {
+       printfPQExpBuffer(&conn->errorMessage,
+                       libpq_gettext("number of parameters must be between 0 and 65535\n"));
+       return 0;
+   }
 
    return PQsendQueryGuts(conn,
                           command,
@@ -1203,19 +1211,25 @@ PQsendPrepare(PGconn *conn,
    if (!PQsendQueryStart(conn))
        return 0;
 
+   /* check the arguments */
    if (!stmtName)
    {
        printfPQExpBuffer(&conn->errorMessage,
                        libpq_gettext("statement name is a null pointer\n"));
        return 0;
    }
-
    if (!query)
    {
        printfPQExpBuffer(&conn->errorMessage,
                        libpq_gettext("command string is a null pointer\n"));
        return 0;
    }
+   if (nParams < 0 || nParams > 65535)
+   {
+       printfPQExpBuffer(&conn->errorMessage,
+                       libpq_gettext("number of parameters must be between 0 and 65535\n"));
+       return 0;
+   }
 
    /* This isn't gonna work on a 2.0 server */
    if (PG_PROTOCOL_MAJOR(conn->pversion) < 3)
@@ -1298,12 +1312,19 @@ PQsendQueryPrepared(PGconn *conn,
    if (!PQsendQueryStart(conn))
        return 0;
 
+   /* check the arguments */
    if (!stmtName)
    {
        printfPQExpBuffer(&conn->errorMessage,
                        libpq_gettext("statement name is a null pointer\n"));
        return 0;
    }
+   if (nParams < 0 || nParams > 65535)
+   {
+       printfPQExpBuffer(&conn->errorMessage,
+                       libpq_gettext("number of parameters must be between 0 and 65535\n"));
+       return 0;
+   }
 
    return PQsendQueryGuts(conn,
                           NULL,    /* no command to parse */