diff options
| author | Tom Lane <tgl@sss.pgh.pa.us> | 2009-10-30 20:59:23 +0000 |
|---|---|---|
| committer | Tom Lane <tgl@sss.pgh.pa.us> | 2009-10-30 20:59:23 +0000 |
| commit | 7c0e8048c57159c23a66fecc4cc4c7703b27be6b (patch) | |
| tree | 3882a60eb6fa05a1a715c6cd0c0e906aa0b44768 /src/backend/executor/nodeHash.c | |
| parent | 4ce82365d08bc472267a41798973da28925a1fa0 (diff) | |
| download | postgresql-7c0e8048c57159c23a66fecc4cc4c7703b27be6b.tar.gz postgresql-7c0e8048c57159c23a66fecc4cc4c7703b27be6b.zip | |
Make the overflow guards in ExecChooseHashTableSize be more protective.
The original coding ensured nbuckets and nbatch didn't exceed INT_MAX,
which while not insane on its own terms did nothing to protect subsequent
code like "palloc(nbatch * sizeof(BufFile *))". Since enormous join size
estimates might well be planner error rather than reality, it seems best
to constrain the initial sizes to be not more than work_mem/sizeof(pointer),
thus ensuring the allocated arrays don't exceed work_mem. We will allow
nbatch to get bigger than that during subsequent ExecHashIncreaseNumBatches
calls, but we should still guard against integer overflow in those palloc
requests. Per bug #5145 from Bernt Marius Johnsen.
Although the given test case only seems to fail back to 8.2, previous
releases have variants of this issue, so patch all supported branches.
Diffstat (limited to 'src/backend/executor/nodeHash.c')
| -rw-r--r-- | src/backend/executor/nodeHash.c | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/src/backend/executor/nodeHash.c b/src/backend/executor/nodeHash.c index b925517d7b1..c4409d33a2c 100644 --- a/src/backend/executor/nodeHash.c +++ b/src/backend/executor/nodeHash.c @@ -8,7 +8,7 @@ * * * IDENTIFICATION - * $Header: /cvsroot/pgsql/src/backend/executor/nodeHash.c,v 1.79 2003/08/04 02:39:59 momjian Exp $ + * $Header: /cvsroot/pgsql/src/backend/executor/nodeHash.c,v 1.79.4.1 2009/10/30 20:59:23 tgl Exp $ * *------------------------------------------------------------------------- */ @@ -377,6 +377,8 @@ ExecChooseHashTableSize(double ntuples, int tupwidth, nbuckets = (int) (hash_table_bytes / (bucketsize * FUDGE_FAC)); if (nbuckets <= 0) nbuckets = 1; + /* Ensure we can allocate an array of nbuckets pointers */ + nbuckets = Min(nbuckets, MaxAllocSize / sizeof(void *)); if (totalbuckets <= nbuckets) { @@ -401,10 +403,10 @@ ExecChooseHashTableSize(double ntuples, int tupwidth, */ dtmp = ceil((inner_rel_bytes - hash_table_bytes) / hash_table_bytes); - if (dtmp < INT_MAX) + if (dtmp < MaxAllocSize / sizeof(void *)) nbatch = (int) dtmp; else - nbatch = INT_MAX; + nbatch = MaxAllocSize / sizeof(void *); if (nbatch <= 0) nbatch = 1; } |