Re: Tom Lane 2014-12-16 <14615.1418694505@sss.pgh.pa.us>
> Jim Nasby <Jim.Nasby@BlueTreble.com> writes:
> > On 12/15/14, 1:39 PM, Christoph Berg wrote:
> >> Well, if it's not interesting, let's just forget it. Sorry.
>
> > At the risk of sticking my head in the lions mouth... this is the kind of response that deters people from
contributinganything to the project, including reviewing patches. A simple "thanks, but we feel it's already clear
enoughthat there can't be anywhere close to INT_MAX timezones" would have sufficed.
>
> Yeah, I need to apologize. I was a bit on edge today due to the release
> wrap (which you may have noticed wasn't going too smoothly), and should
> not have responded like that.
Hi,
maybe I should apologize as well for submitting this right at the time
of the release...
> I also remain curious as to what sort of tool would complain about this
> particular code and not the N other nearly-identical binary-search loops
> in the PG sources, most of which deal with data structures potentially
> far larger than the timezone data ...
He said he found it in manual code review, not using a tool.
But anyway, I do agree this is a very minor issue and there's much
more interesting things to spend time on. I promise to send in more
severe security issues next time :)
Christoph
--
cb@df7cb.de | http://www.df7cb.de/