| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | pgsql-committers(at)postgresql(dot)org |
| Subject: | pgsql: Avoid integer overflow while sifting-up a heap in tuplesort.c. |
| Date: | 2017-07-12 17:24:36 |
| Message-ID: | E1dVLNM-00075H-Iq@gemulon.postgresql.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-committers |
Avoid integer overflow while sifting-up a heap in tuplesort.c.
If the number of tuples in the heap exceeds approximately INT_MAX/2,
this loop's calculation "2*i+1" could overflow, resulting in a crash.
Fix it by using unsigned int rather than int for the relevant local
variables; that shouldn't cost anything extra on any popular hardware.
Per bug #14722 from Sergey Koposov.
Original patch by Sergey Koposov, modified by me per a suggestion
from Heikki Linnakangas to use unsigned int not int64.
Back-patch to 9.4, where tuplesort.c grew the ability to sort as many
as INT_MAX tuples in-memory (commit 263865a48).
Discussion: https://postgr.es/m/20170629161637.1478.93109@wrigleys.postgresql.org
Branch
------
REL9_4_STABLE
Details
-------
https://git.postgresql.org/pg/commitdiff/e439bbe9996f508f584cda9075d0bb3d5fbd7d97
Modified Files
--------------
src/backend/utils/sort/tuplesort.c | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Alvaro Herrera | 2017-07-12 18:41:24 | pgsql: commit_ts test: Set node name in test |
| Previous Message | Heikki Linnakangas | 2017-07-12 14:11:07 | pgsql: Fix variable and type name in comment. |