Unify src/common/'s definitions of MaxAllocSize.

Define MaxAllocSize in src/include/common/fe_memutils.h rather
than having several copies of it in different src/common/*.c files.
This also provides an opportunity to document it better.

Back-patch of commit 11b7de4a7, needed now because assorted security
fixes are adding additional references to MaxAllocSize in frontend
code.

Backpatch-through: 14-17
Security: CVE-2026-6473

diff --git a/src/common/psprintf.c b/src/common/psprintf.c
index 52223c38a450a42d6d6ab3ce84c98a58b8992932..96caed1dc2d2691299aa85e1ab48be37f4a0d306 100644 (file)
--- a/src/common/psprintf.c
+++ b/src/common/psprintf.c
@@ -24,9 +24,6 @@
 
 #include "postgres_fe.h"
 
-/* It's possible we could use a different value for this in frontend code */
-#define MaxAllocSize   ((Size) 0x3fffffff) /* 1 gigabyte - 1 */
-
 #endif
 
 

diff --git a/src/common/saslprep.c b/src/common/saslprep.c
index 7558b888edb48c9bacdb0a8624815b5df0469a3d..79f463ec21c722d58a4633652ced960a650dd06d 100644 (file)
--- a/src/common/saslprep.c
+++ b/src/common/saslprep.c
@@ -24,10 +24,6 @@
 #include "utils/memutils.h"
 #else
 #include "postgres_fe.h"
-
-/* It's possible we could use a different value for this in frontend code */
-#define MaxAllocSize   ((Size) 0x3fffffff) /* 1 gigabyte - 1 */
-
 #endif
 
 #include "common/saslprep.h"

diff --git a/src/common/stringinfo.c b/src/common/stringinfo.c
index 445f7222be0a2015379cb152ac33ac9a66ca8131..21348289f9b4150cd566b275294c18c45f2d3d92 100644 (file)
--- a/src/common/stringinfo.c
+++ b/src/common/stringinfo.c
@@ -24,9 +24,6 @@
 
 #include "postgres_fe.h"
 
-/* It's possible we could use a different value for this in frontend code */
-#define MaxAllocSize   ((Size) 0x3fffffff) /* 1 gigabyte - 1 */
-
 #endif
 
 #include "lib/stringinfo.h"

diff --git a/src/include/common/fe_memutils.h b/src/include/common/fe_memutils.h
index cf84aa99556dda8bb911a568f6b36ce668447105..ff25bccdf5d545b26a6fcd64c5ea8b366969e396 100644 (file)
--- a/src/include/common/fe_memutils.h
+++ b/src/include/common/fe_memutils.h
@@ -9,6 +9,18 @@
 #ifndef FE_MEMUTILS_H
 #define FE_MEMUTILS_H
 
+/*
+ * Assumed maximum size for allocation requests.
+ *
+ * We don't enforce this, so the actual maximum is the platform's SIZE_MAX.
+ * But it's useful to have it defined in frontend builds, so that common
+ * code can check for oversized requests without having frontend-vs-backend
+ * differences.  Also, some code relies on MaxAllocSize being no more than
+ * INT_MAX/2, so rather than setting this to SIZE_MAX, make it the same as
+ * the backend's value.
+ */
+#define MaxAllocSize   ((Size) 0x3fffffff) /* 1 gigabyte - 1 */
+
 /*
  * Flags for pg_malloc_extended and palloc_extended, deliberately named
  * the same as the backend flags.