Suppress integer-overflow compiler warning for inconsistent sun_len.

On AIX 7.1, struct sockaddr_un is declared to be 1025 bytes long,
but the sun_len field that should hold the length is only a byte.
Clamp the value we try to store to ensure it will fit in the field.

(This coding might need adjustment if there are any machines out
there where sun_len is as wide as size_t; but a preliminary survey
suggests there's not, so let's keep it simple.)

Discussion: https://postgr.es/m/2781112.1644819528@sss.pgh.pa.us

diff --git a/src/common/ip.c b/src/common/ip.c
index b01e0d0e61953d5841681b6068b76513b41d9188..cd73d49679dd291dc63d8c3ff54bab58848531d7 100644 (file)
--- a/src/common/ip.c
+++ b/src/common/ip.c
@@ -232,8 +232,18 @@ getaddrinfo_unix(const char *path, const struct addrinfo *hintsp,
                aip->ai_addrlen = offsetof(struct sockaddr_un, sun_path) + strlen(path);
        }
 
+       /*
+        * The standard recommendation for filling sun_len is to set it to the
+        * struct size (independently of the actual path length).  However, that
+        * draws an integer-overflow warning on AIX 7.1, where sun_len is just
+        * uint8 yet the struct size exceeds 255 bytes.  It's likely that nothing
+        * is paying attention to sun_len on that platform, but we have to do
+        * something with it.  To suppress the warning, clamp the struct size to
+        * what will fit in sun_len.
+        */
 #ifdef HAVE_STRUCT_SOCKADDR_STORAGE_SS_LEN
-       unp->sun_len = sizeof(struct sockaddr_un);
+       unp->sun_len = Min(sizeof(struct sockaddr_un),
+                                          ((size_t) 1 << (sizeof(unp->sun_len) * BITS_PER_BYTE)) - 1);
 #endif
 
        return 0;