* Portions Copyright (c) 1996-2003, PostgreSQL Global Development Group
* Portions Copyright (c) 1994, Regents of the University of California
*
- * $PostgreSQL: pgsql/src/interfaces/libpq/pqexpbuffer.c,v 1.16 2003/11/29 19:52:12 pgsql Exp $
+ * $PostgreSQL: pgsql/src/interfaces/libpq/pqexpbuffer.c,v 1.17 2004/05/14 00:20:38 tgl Exp $
*
*-------------------------------------------------------------------------
*/
#include "postgres_fe.h"
+#include <limits.h>
+
#include "pqexpbuffer.h"
#ifdef WIN32
size_t newlen;
char *newdata;
+ /*
+ * Guard against ridiculous "needed" values, which can occur if we're
+ * fed bogus data. Without this, we can get an overflow or infinite
+ * loop in the following.
+ */
+ if (needed >= ((size_t) INT_MAX - str->len))
+ return 0;
+
needed += str->len + 1; /* total space required now */
+
+ /* Because of the above test, we now have needed <= INT_MAX */
+
if (needed <= str->maxlen)
return 1; /* got enough space already */
while (needed > newlen)
newlen = 2 * newlen;
+ /*
+ * Clamp to INT_MAX in case we went past it. Note we are assuming
+ * here that INT_MAX <= UINT_MAX/2, else the above loop could
+ * overflow. We will still have newlen >= needed.
+ */
+ if (newlen > (size_t) INT_MAX)
+ newlen = (size_t) INT_MAX;
+
newdata = (char *) realloc(str->data, newlen);
if (newdata != NULL)
{
projects / postgresql / commitdiff