From: Thomas Munro
Date: Sat, 2 Mar 2024 19:40:41 +0000 (+1300)
Subject: Fix overflow in Windows replacement pg_pread/pg_pwrite.
X-Git-Tag: REL_17_BETA1~780
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=1e013746544bd1f9df70f5547894fd72719c4b85;p=thirdparty%2Fpostgresql.git

Fix overflow in Windows replacement pg_pread/pg_pwrite.

When calling the Windows file I/O APIs there is an implicit conversion from size_t to DWORD, which could overflow. Clamp the size at 1GB to avoid that.

Not really a live bug as we don't expect anything in PostgreSQL to call with such large values.

Reviewed-by: Peter Eisentraut
Discussion: https://postgr.es/m/1672202.1703441340%40sss.pgh.pa.us
---
diff --git a/src/port/win32pread.c b/src/port/win32pread.c index e1a066fdbe4..2d022e6d378 100644 --- a/src/port/win32pread.c +++ b/src/port/win32pread.c @@ -30,6 +30,9 @@ pg_pread(int fd, void *buf, size_t size, off_t offset) return -1; } + /* Avoid overflowing DWORD. */ + size = Min(size, 1024 * 1024 * 1024); + /* Note that this changes the file position, despite not using it. */ overlapped.Offset = offset; if (!ReadFile(handle, buf, size, &result, &overlapped)) diff --git a/src/port/win32pwrite.c b/src/port/win32pwrite.c index c54bf041bf3..b37bb2f92e0 100644 --- a/src/port/win32pwrite.c +++ b/src/port/win32pwrite.c @@ -30,6 +30,9 @@ pg_pwrite(int fd, const void *buf, size_t size, off_t offset) return -1; } + /* Avoid overflowing DWORD. */ + size = Min(size, 1024 * 1024 * 1024); + /* Note that this changes the file position, despite not using it. */ overlapped.Offset = offset; if (!WriteFile(handle, buf, size, &result, &overlapped))
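Review bot: The comment above the new `size = Min(size, 1024 * 1024 * 1024);` line in the win32pread.c hunk says only "Avoid overflowing DWORD", which does not tell a reader that an oversized request now completes as a short read, or why the limit is 1GB rather than the largest value a DWORD can hold. Before the clamp, a `size_t` above the DWORD range passed to `ReadFile(handle, buf, size, ...)` would have been truncated to its low bits, so the new behaviour is the safer one, but it is only correct for callers that check the returned byte count and retry for the remainder. I would extend the comment to say that the function may transfer fewer bytes than requested and that callers are expected to handle that, as they would for any partial read.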
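Review bot: The clamp in the win32pwrite.c hunk repeats the literal `1024 * 1024 * 1024` and the comment from win32pread.c, so the limit is defined in two places that have to be kept in step by hand. A single named constant shared by both files, with one comment explaining the choice of 1GB, would make the intent clearer and prevent the two paths from drifting apart. On the write side it is also worth stating in the comment that a request above the limit now returns a partial write count from `WriteFile(handle, buf, size, &result, &overlapped)`, since a caller that does not loop on a short write would leave the tail of its buffer unwritten without seeing an error.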