ARRNELEMS Out-of-bounds possible errors
| От | Ranier Vilela | 
|---|---|
| Тема | ARRNELEMS Out-of-bounds possible errors | 
| Дата | |
| Msg-id | CAEudQAqV78KwACTqN1DGGFZ_n+crst-p3EFQDVE8kc-mtpu_bA@mail.gmail.com обсуждение исходный текст | 
| Ответы | Re: ARRNELEMS Out-of-bounds possible errors Re: ARRNELEMS Out-of-bounds possible errors | 
| Список | pgsql-hackers | 
Hi.
Per Coverity.
The commit ccff2d2, changed the behavior function ArrayGetNItems,
with the introduction of the function ArrayGetNItemsSafe.
Now ArrayGetNItems may return -1, according to the comment.
"  instead of throwing an exception. -1 is returned after an error." 
So the macro ARRNELEMS can fail entirely with -1 return,
resulting in codes failing to use without checking the function return.
Like (contrib/intarray/_int_gist.c):
{
 int nel;
nel = ARRNELEMS(ent);
memcpy(ptr, ARRPTR(ent), nel * sizeof(int32));
nel = ARRNELEMS(ent);
memcpy(ptr, ARRPTR(ent), nel * sizeof(int32));
}
Sources possibly affecteds:
contrib\cube\cube.c
contrib\intarray\_intbig_gist.c
contrib\cube\cube.c
contrib\intarray\_intbig_gist.c
contrib\intarray\_int_bool.c
contrib\intarray\_int_gin.c
contrib\intarray\_int_gist.c
contrib\intarray\_int_op.c
contrib\intarray\_int_tool.c:
contrib\intarray\_int_tool.c:
Thoughts?
regards,
Ranier Vilela
В списке pgsql-hackers по дате отправления: