postgresql/src/include/utils
Tom Lane 3b0f6a7ae5 Prevent integer overflows in array subscripting calculations.
While we were (mostly) careful about ensuring that the dimensions of
arrays aren't large enough to cause integer overflow, the lower bound
values were generally not checked.  This allows situations where
lower_bound + dimension overflows an integer.  It seems that that's
harmless so far as array reading is concerned, except that array
elements with subscripts notionally exceeding INT_MAX are inaccessible.
However, it confuses various array-assignment logic, resulting in a
potential for memory stomps.

Fix by adding checks that array lower bounds aren't large enough to
cause lower_bound + dimension to overflow.  (Note: this results in
disallowing cases where the last subscript position would be exactly
INT_MAX.  In principle we could probably allow that, but there's a lot
of code that computes lower_bound + dimension and would need adjustment.
It seems doubtful that it's worth the trouble/risk to allow it.)

Somewhat independently of that, array_set_element() was careless
about possible overflow when checking the subscript of a fixed-length
array, creating a different route to memory stomps.  Fix that too.

Security: CVE-2021-32027
2021-05-10 10:44:38 -04:00
.gitignore Revert "Add gitignore entries for jsonpath_gram.h" 2019-03-23 00:19:34 +01:00
acl.h Phase 2 pgindent run for v12. 2019-05-22 13:04:48 -04:00
aclchk_internal.h Update copyright for 2019 2019-01-02 12:44:25 -05:00
array.h Prevent integer overflows in array subscripting calculations. 2021-05-10 10:44:38 -04:00
arrayaccess.h Don't read fields of a misaligned ExpandedObjectHeader or AnyArrayType. 2019-06-30 17:34:17 -07:00
ascii.h Update copyright for 2019 2019-01-02 12:44:25 -05:00
attoptcache.h Update copyright for 2019 2019-01-02 12:44:25 -05:00
builtins.h Phase 2 pgindent run for v12. 2019-05-22 13:04:48 -04:00
bytea.h Update copyright for 2019 2019-01-02 12:44:25 -05:00
cash.h Phase 2 of pgindent updates. 2017-06-21 15:19:25 -04:00
catcache.h Phase 2 pgindent run for v12. 2019-05-22 13:04:48 -04:00
combocid.h Update copyright for 2019 2019-01-02 12:44:25 -05:00
date.h Reject "23:59:60.nnn" in datetime input. 2020-06-04 16:42:08 -04:00
datetime.h Remove explicit error handling for obsolete date/time values 2019-06-30 10:27:35 +02:00
datum.h Phase 2 pgindent run for v12. 2019-05-22 13:04:48 -04:00
dsa.h Phase 2 pgindent run for v12. 2019-05-22 13:04:48 -04:00
dynahash.h Update copyright for 2019 2019-01-02 12:44:25 -05:00
elog.h Re-implement the ereport() macro using __VA_ARGS__. 2020-03-24 11:48:33 -04:00
evtcache.h Update copyright for 2019 2019-01-02 12:44:25 -05:00
expandeddatum.h Don't read fields of a misaligned ExpandedObjectHeader or AnyArrayType. 2019-06-30 17:34:17 -07:00
expandedrecord.h Phase 2 pgindent run for v12. 2019-05-22 13:04:48 -04:00
float.h Avoid a performance regression in float overflow/underflow detection. 2020-02-13 13:37:43 -05:00
fmgrtab.h Reduce the size of the fmgr_builtin_oid_index[] array. 2019-01-09 15:22:43 -05:00
formatting.h Update copyright for 2019 2019-01-02 12:44:25 -05:00
freepage.h Phase 2 pgindent run for v12. 2019-05-22 13:04:48 -04:00
geo_decls.h Update copyright for 2019 2019-01-02 12:44:25 -05:00
guc.h Revert "Add log_statement_sample_rate parameter" 2019-08-04 23:37:44 +02:00
guc_tables.h Phase 2 pgindent run for v12. 2019-05-22 13:04:48 -04:00
hashutils.h Phase 2 pgindent run for v12. 2019-05-22 13:04:48 -04:00
help_config.h Update copyright for 2019 2019-01-02 12:44:25 -05:00
hsearch.h Phase 2 pgindent run for v12. 2019-05-22 13:04:48 -04:00
index_selfuncs.h Phase 2 pgindent run for v12. 2019-05-22 13:04:48 -04:00
inet.h Update copyright for 2019 2019-01-02 12:44:25 -05:00
int8.h Update copyright for 2019 2019-01-02 12:44:25 -05:00
inval.h Fix many typos and inconsistencies 2019-07-01 10:00:23 +09:00
json.h Update copyright for 2019 2019-01-02 12:44:25 -05:00
jsonapi.h Fix more typos and inconsistencies in the tree 2019-06-17 16:13:16 +09:00
jsonb.h Phase 2 pgindent run for v12. 2019-05-22 13:04:48 -04:00
jsonpath.h Fix bogus handling of XQuery regex option flags. 2019-09-17 15:39:51 -04:00
logtape.h Phase 2 pgindent run for v12. 2019-05-22 13:04:48 -04:00
lsyscache.h Preserve pg_attribute.attstattarget across REINDEX CONCURRENTLY 2021-02-10 13:09:12 +09:00
memdebug.h Update copyright for 2019 2019-01-02 12:44:25 -05:00
memutils.h Phase 2 pgindent run for v12. 2019-05-22 13:04:48 -04:00
numeric.h Phase 2 pgindent run for v12. 2019-05-22 13:04:48 -04:00
palloc.h Phase 2 pgindent run for v12. 2019-05-22 13:04:48 -04:00
partcache.h Move code for managing PartitionDescs into a new file, partdesc.c 2019-02-21 11:45:02 -05:00
pg_crc.h Update copyright for 2019 2019-01-02 12:44:25 -05:00
pg_locale.h Phase 2 pgindent run for v12. 2019-05-22 13:04:48 -04:00
pg_lsn.h Don't call data type input functions in GUC check hooks 2019-06-30 10:27:43 +02:00
pg_rusage.h Update copyright for 2019 2019-01-02 12:44:25 -05:00
pidfile.h Update copyright for 2019 2019-01-02 12:44:25 -05:00
plancache.h Phase 2 pgindent run for v12. 2019-05-22 13:04:48 -04:00
portal.h Phase 2 pgindent run for v12. 2019-05-22 13:04:48 -04:00
ps_status.h Phase 2 pgindent run for v12. 2019-05-22 13:04:48 -04:00
queryenvironment.h Update copyright for 2019 2019-01-02 12:44:25 -05:00
rangetypes.h Phase 2 pgindent run for v12. 2019-05-22 13:04:48 -04:00
regproc.h Phase 2 pgindent run for v12. 2019-05-22 13:04:48 -04:00
rel.h Revert "Skip WAL for new relfilenodes, under wal_level=minimal." 2020-03-22 09:24:13 -07:00
relcache.h Revert "Skip WAL for new relfilenodes, under wal_level=minimal." 2020-03-22 09:24:13 -07:00
relfilenodemap.h Update copyright for 2019 2019-01-02 12:44:25 -05:00
relmapper.h Phase 2 pgindent run for v12. 2019-05-22 13:04:48 -04:00
relptr.h Update copyright for 2019 2019-01-02 12:44:25 -05:00
reltrigger.h Update copyright for 2019 2019-01-02 12:44:25 -05:00
resowner.h Phase 2 pgindent run for v12. 2019-05-22 13:04:48 -04:00
resowner_private.h Phase 2 pgindent run for v12. 2019-05-22 13:04:48 -04:00
rls.h Update copyright for 2019 2019-01-02 12:44:25 -05:00
ruleutils.h Phase 2 pgindent run for v12. 2019-05-22 13:04:48 -04:00
sampling.h Phase 2 pgindent run for v12. 2019-05-22 13:04:48 -04:00
selfuncs.h Use query collation, not column's collation, while examining statistics. 2020-06-05 16:18:50 -04:00
sharedtuplestore.h Fix more typos and inconsistencies in the tree 2019-06-17 16:13:16 +09:00
snapmgr.h Avoid catalog lookups in RelationAllowsEarlyPruning(). 2019-08-28 16:18:39 +12:00
snapshot.h Fix double-word typos 2019-06-13 10:03:56 -04:00
sortsupport.h Fix many typos and inconsistencies 2019-07-01 10:00:23 +09:00
spccache.h Phase 2 pgindent run for v12. 2019-05-22 13:04:48 -04:00
syscache.h Rework the pg_statistic_ext catalog 2019-06-16 01:20:31 +02:00
timeout.h Update copyright for 2019 2019-01-02 12:44:25 -05:00
timestamp.h Fix and simplify some usages of TimestampDifference(). 2020-11-10 22:51:55 -05:00
tuplesort.h Phase 2 pgindent run for v12. 2019-05-22 13:04:48 -04:00
tuplestore.h Phase 2 pgindent run for v12. 2019-05-22 13:04:48 -04:00
typcache.h Phase 2 pgindent run for v12. 2019-05-22 13:04:48 -04:00
tzparser.h Update copyright for 2019 2019-01-02 12:44:25 -05:00
uuid.h Update copyright for 2019 2019-01-02 12:44:25 -05:00
varbit.h Fix failure to zero-pad the result of bitshiftright(). 2019-09-22 17:46:00 -04:00
varlena.h Phase 2 pgindent run for v12. 2019-05-22 13:04:48 -04:00
xml.h Phase 2 pgindent run for v12. 2019-05-22 13:04:48 -04:00