Unify src/common/'s definitions of MaxAllocSize.

Define MaxAllocSize in src/include/common/fe_memutils.h rather
than having several copies of it in different src/common/*.c files.
This also provides an opportunity to document it better.

Back-patch of commit 11b7de4a7, needed now because assorted security
fixes are adding additional references to MaxAllocSize in frontend
code.

Backpatch-through: 14-17
Security: CVE-2026-6473

diff --git a/src/common/psprintf.c b/src/common/psprintf.c
index a5a5cb121c557116f8ece71ede921c7745dd8e3e..49b4fc92baa3af79353045d7c6526a4fbfbbfcdc 100644 (file)
--- a/src/common/psprintf.c
+++ b/src/common/psprintf.c
@@ -24,9 +24,6 @@
 
 #include "postgres_fe.h"
 
-/* It's possible we could use a different value for this in frontend code */
-#define MaxAllocSize   ((Size) 0x3fffffff) /* 1 gigabyte - 1 */
-
 #endif
 
 

diff --git a/src/common/saslprep.c b/src/common/saslprep.c
index b8fe2026f99a1fbd708051b6244450c3e93b9c01..ee211dd4ab5c5f6e1db9ed2160dcdeff841e6a5e 100644 (file)
--- a/src/common/saslprep.c
+++ b/src/common/saslprep.c
@@ -24,10 +24,6 @@
 #include "utils/memutils.h"
 #else
 #include "postgres_fe.h"
-
-/* It's possible we could use a different value for this in frontend code */
-#define MaxAllocSize   ((Size) 0x3fffffff) /* 1 gigabyte - 1 */
-
 #endif
 
 #include "common/saslprep.h"

diff --git a/src/common/stringinfo.c b/src/common/stringinfo.c
index 76ff4d3e2452ef29795e5fe46332598aa93b62aa..7469c83e90e637b1124e45983ada163995d2eb44 100644 (file)
--- a/src/common/stringinfo.c
+++ b/src/common/stringinfo.c
@@ -24,9 +24,6 @@
 
 #include "postgres_fe.h"
 
-/* It's possible we could use a different value for this in frontend code */
-#define MaxAllocSize   ((Size) 0x3fffffff) /* 1 gigabyte - 1 */
-
 #endif
 
 #include "lib/stringinfo.h"

diff --git a/src/include/common/fe_memutils.h b/src/include/common/fe_memutils.h
index e915ed19d9fa7a1abbb07a86f21908092c3a580f..5780b53613cc7740c060b428878c440d402f95bd 100644 (file)
--- a/src/include/common/fe_memutils.h
+++ b/src/include/common/fe_memutils.h
@@ -9,6 +9,18 @@
 #ifndef FE_MEMUTILS_H
 #define FE_MEMUTILS_H
 
+/*
+ * Assumed maximum size for allocation requests.
+ *
+ * We don't enforce this, so the actual maximum is the platform's SIZE_MAX.
+ * But it's useful to have it defined in frontend builds, so that common
+ * code can check for oversized requests without having frontend-vs-backend
+ * differences.  Also, some code relies on MaxAllocSize being no more than
+ * INT_MAX/2, so rather than setting this to SIZE_MAX, make it the same as
+ * the backend's value.
+ */
+#define MaxAllocSize   ((Size) 0x3fffffff) /* 1 gigabyte - 1 */
+
 /*
  * Flags for pg_malloc_extended and palloc_extended, deliberately named
  * the same as the backend flags.