diff options
| author | Thomas Munro <tmunro@postgresql.org> | 2024-03-03 08:40:41 +1300 |
|---|---|---|
| committer | Thomas Munro <tmunro@postgresql.org> | 2024-03-03 08:40:41 +1300 |
| commit | 1e013746544bd1f9df70f5547894fd72719c4b85 (patch) | |
| tree | 0c8693ce73a54ae140660ecd45fa3e75018bb533 /src | |
| parent | 653b55b57081dc6fb8c75d61870c5fdc8c8554cc (diff) | |
| download | postgresql-1e013746544bd1f9df70f5547894fd72719c4b85.tar.gz postgresql-1e013746544bd1f9df70f5547894fd72719c4b85.zip | |
Fix overflow in Windows replacement pg_pread/pg_pwrite.
When calling the Windows file I/O APIs there is an implicit conversion
from size_t to DWORD, which could overflow. Clamp the size at 1GB to
avoid that.
Not a really a live bug as we don't expect anything in PostgreSQL to
call with such large values.
Reviewed-by: Peter Eisentraut <peter@eisentraut.org>
Discussion: https://postgr.es/m/1672202.1703441340%40sss.pgh.pa.us
Diffstat (limited to 'src')
| -rw-r--r-- | src/port/win32pread.c | 3 | ||||
| -rw-r--r-- | src/port/win32pwrite.c | 3 |
2 files changed, 6 insertions, 0 deletions
diff --git a/src/port/win32pread.c b/src/port/win32pread.c index e1a066fdbe4..2d022e6d378 100644 --- a/src/port/win32pread.c +++ b/src/port/win32pread.c @@ -30,6 +30,9 @@ pg_pread(int fd, void *buf, size_t size, off_t offset) return -1; } + /* Avoid overflowing DWORD. */ + size = Min(size, 1024 * 1024 * 1024); + /* Note that this changes the file position, despite not using it. */ overlapped.Offset = offset; if (!ReadFile(handle, buf, size, &result, &overlapped)) diff --git a/src/port/win32pwrite.c b/src/port/win32pwrite.c index c54bf041bf3..b37bb2f92e0 100644 --- a/src/port/win32pwrite.c +++ b/src/port/win32pwrite.c @@ -30,6 +30,9 @@ pg_pwrite(int fd, const void *buf, size_t size, off_t offset) return -1; } + /* Avoid overflowing DWORD. */ + size = Min(size, 1024 * 1024 * 1024); + /* Note that this changes the file position, despite not using it. */ overlapped.Offset = offset; if (!WriteFile(handle, buf, size, &result, &overlapped)) |