aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMelanie Plageman <melanieplageman@gmail.com>2024-12-18 18:16:43 -0500
committerMelanie Plageman <melanieplageman@gmail.com>2024-12-18 18:16:43 -0500
commit28328ec87b45725f62bed1104d99c8b3220d1675 (patch)
treed405f96d14588809eb6894995b74c631b3b4ddf0
parent68d9662be1c4b705123a0e292974fb4be661294c (diff)
downloadpostgresql-28328ec87b45725f62bed1104d99c8b3220d1675.tar.gz
postgresql-28328ec87b45725f62bed1104d99c8b3220d1675.zip
Fix overflow danger in SampleHeapTupleVisible()
68d9662be1c4b70 made HeapScanDesc->rs_ntuples unsigned but neglected to change how it was being used in SampleHeapTupleVisible(). Return early if rs_ntuples is 0 to avoid overflowing and incorrectly executing the loop code in SampleHeapTupleVisible(). Reported-by: Ranier Vilela Discussion: https://postgr.es/m/CAEudQAot_xQoZyPZjpj1aBUPrPykY5mOPHGyvfe%3Djz%2BWowdA3A%40mail.gmail.com
Diffstat
-rw-r--r--src/backend/access/heap/heapam_handler.c12
1 files changed, 9 insertions, 3 deletions
diff --git a/src/backend/access/heap/heapam_handler.c b/src/backend/access/heap/heapam_handler.c
index d0e5922eed7..689773ff239 100644
--- a/src/backend/access/heap/heapam_handler.c
+++ b/src/backend/access/heap/heapam_handler.c
@@ -2577,6 +2577,12 @@ SampleHeapTupleVisible(TableScanDesc scan, Buffer buffer,
if (scan->rs_flags & SO_ALLOW_PAGEMODE)
{
+ uint32 start,
+ end;
+
+ if (hscan->rs_ntuples == 0)
+ return false;
+
/*
* In pageatatime mode, heap_prepare_pagescan() already did visibility
* checks, so just look at the info it left in rs_vistuples[].
@@ -2586,12 +2592,12 @@ SampleHeapTupleVisible(TableScanDesc scan, Buffer buffer,
* in increasing order, but it's not clear that there would be enough
* gain to justify the restriction.
*/
- int start = 0,
- end = hscan->rs_ntuples - 1;
+ start = 0;
+ end = hscan->rs_ntuples - 1;
while (start <= end)
{
- int mid = (start + end) / 2;
+ uint32 mid = (start + end) / 2;
OffsetNumber curoffset = hscan->rs_vistuples[mid];
if (tupoffset == curoffset)
generated by cgit v1.2.3 (git 2.25.1) at 2025-05-31 01:11:21 +0000