Unify src/common/'s definitions of MaxAllocSize.

Define MaxAllocSize in src/include/common/fe_memutils.h rather
than having several copies of it in different src/common/*.c files.
This also provides an opportunity to document it better.

Back-patch of commit 11b7de4a7, needed now because assorted security
fixes are adding additional references to MaxAllocSize in frontend
code.

Backpatch-through: 14-17
Security: CVE-2026-6473

diff --git a/src/common/psprintf.c b/src/common/psprintf.c
index c1d2807cea97fe77257201559c621f1e67c0db97..54a8fe93dee80a8ada28e4ac5abaddddf83a62a6 100644 (file)
--- a/src/common/psprintf.c
+++ b/src/common/psprintf.c
@@ -24,9 +24,6 @@
 
 #include "postgres_fe.h"
 
-/* It's possible we could use a different value for this in frontend code */
-#define MaxAllocSize   ((Size) 0x3fffffff) /* 1 gigabyte - 1 */
-
 #endif
 
 

diff --git a/src/common/saslprep.c b/src/common/saslprep.c
index 80b9edb3968f870c40a397bd5df6e60cceea733d..bc1b0240594170265318308866854b89896d5105 100644 (file)
--- a/src/common/saslprep.c
+++ b/src/common/saslprep.c
@@ -24,10 +24,6 @@
 #include "utils/memutils.h"
 #else
 #include "postgres_fe.h"
-
-/* It's possible we could use a different value for this in frontend code */
-#define MaxAllocSize   ((Size) 0x3fffffff) /* 1 gigabyte - 1 */
-
 #endif
 
 #include "common/saslprep.h"

diff --git a/src/common/stringinfo.c b/src/common/stringinfo.c
index 05b22b5c53c6a4137f022dc74035ed71c8282e68..de4a177584868ee74b0357ef1696e454a0492920 100644 (file)
--- a/src/common/stringinfo.c
+++ b/src/common/stringinfo.c
@@ -24,9 +24,6 @@
 
 #include "postgres_fe.h"
 
-/* It's possible we could use a different value for this in frontend code */
-#define MaxAllocSize   ((Size) 0x3fffffff) /* 1 gigabyte - 1 */
-
 #endif
 
 #include "lib/stringinfo.h"

diff --git a/src/include/common/fe_memutils.h b/src/include/common/fe_memutils.h
index 84cc61e7f0e7facd91408edf76a3c848aa9d6980..a6702a562ffa6f0746f772ac470408fc8e59da05 100644 (file)
--- a/src/include/common/fe_memutils.h
+++ b/src/include/common/fe_memutils.h
@@ -9,6 +9,18 @@
 #ifndef FE_MEMUTILS_H
 #define FE_MEMUTILS_H
 
+/*
+ * Assumed maximum size for allocation requests.
+ *
+ * We don't enforce this, so the actual maximum is the platform's SIZE_MAX.
+ * But it's useful to have it defined in frontend builds, so that common
+ * code can check for oversized requests without having frontend-vs-backend
+ * differences.  Also, some code relies on MaxAllocSize being no more than
+ * INT_MAX/2, so rather than setting this to SIZE_MAX, make it the same as
+ * the backend's value.
+ */
+#define MaxAllocSize   ((Size) 0x3fffffff) /* 1 gigabyte - 1 */
+
 /*
  * Flags for pg_malloc_extended and palloc_extended, deliberately named
  * the same as the backend flags.