Fix overflow check in StringInfo; add missing casts

A few thinkos I introduced in fa2fa9955280.  Also, amend a similarly
broken comment.

Report by Daniel Vérité.
Authors: Daniel Vérité, Álvaro Herrera
Discussion: https://postgr.es/m/1706e85e-60d2-494e-8a64-9af1e1b2186e@manitou-mail.org

1 files changed, 7 insertions, 6 deletions

diff --git a/src/backend/lib/stringinfo.c b/src/backend/lib/stringinfo.c
index bdc204edf77..3eee49beb62 100644
--- a/src/backend/lib/stringinfo.c
+++ b/src/backend/lib/stringinfo.c
@@ -313,19 +313,20 @@ enlargeStringInfo(StringInfo str, int needed)
 	 * for efficiency, double the buffer size each time it overflows.
 	 * Actually, we might need to more than double it if 'needed' is big...
 	 */
-	newlen = 2 * str->maxlen;
-	while (needed > newlen)
+	newlen = 2 * (Size) str->maxlen;
+	while ((Size) needed > newlen)
 		newlen = 2 * newlen;
 
 	/*
-	 * Clamp to the limit in case we went past it.  Note we are assuming here
-	 * that limit <= INT_MAX/2, else the above loop could overflow.  We will
-	 * still have newlen >= needed.
+	 * Clamp to the limit in case we went past it.  (We used to depend on
+	 * limit <= INT32_MAX/2, to avoid overflow in the loop above; we no longer
+	 * depend on that, but if "needed" and str->maxlen ever become wider, we
+	 * will need similar caution here.)  We will still have newlen >= needed.
 	 */
 	if (newlen > limit)
 		newlen = limit;
 
-	str->data = (char *) repalloc_huge(str->data, (Size) newlen);
+	str->data = (char *) repalloc_huge(str->data, newlen);
 
 	str->maxlen = newlen;
 }