git.ipfire.org Git - thirdparty/postgresql.git/commit

author	Tom Lane <tgl@sss.pgh.pa.us>
	Wed, 21 Dec 2022 22:51:50 +0000 (17:51 -0500)
committer	Tom Lane <tgl@sss.pgh.pa.us>
	Wed, 21 Dec 2022 22:51:50 +0000 (17:51 -0500)
commit	0ff4056b8ce994e2932260c9f194675769b3d2e5
tree	d794d9bba453461eee7e8f63144049906dc7ff2a	tree \| snapshot
parent	f48aa5df4e030ab75bdc2ca5fc480c4a830cf5f3	commit \| diff

Fix contrib/seg to be more wary of long input numbers.

seg stores the number of significant digits in an input number
in a "char" field. If char is signed, and the input is more than
127 digits long, the count can read out as negative causing
seg_out() to print garbage (or, if you're really unlucky,
even crash).

To fix, clamp the digit count to be not more than FLT_DIG.
(In theory this loses some information about what the original
input was, but it doesn't seem like useful information; it would
not survive dump/restore in any case.)

Also, in case there are stored values of the seg type containing
bad data, add a clamp in seg_out's restore() subroutine.

Per bug #17725 from Robins Tharakan. It's been like this
forever, so back-patch to all supported branches.

Discussion: https://postgr.es/m/17725-0a09313b67fbe86e@postgresql.org

contrib/seg/expected/seg.out		diff \| blob \| blame \| history
contrib/seg/expected/seg_1.out		diff \| blob \| blame \| history
contrib/seg/seg.c		diff \| blob \| blame \| history
contrib/seg/segparse.y		diff \| blob \| blame \| history
contrib/seg/sql/seg.sql		diff \| blob \| blame \| history