Fix pg_size_pretty() to avoid overflow for inputs close to INT64_MAX.

The expression that tried to round the value to the nearest TB could
overflow, leading to bogus output as reported in bug #5993 from Nicola
Cossu.  This isn't likely to ever happen in the intended usage of the
function (if it could, we'd be needing to use a wider datatype instead);
but it's not hard to give the expected output, so let's do so.

diff --git a/src/backend/utils/adt/dbsize.c b/src/backend/utils/adt/dbsize.c
index 8b5def4d15a9f00d90019e1362d4640137ad8b6c..83026b6dde4fbeb90dd6ee07384d0ae417a259e6 100644 (file)
--- a/src/backend/utils/adt/dbsize.c
+++ b/src/backend/utils/adt/dbsize.c
@@ -497,9 +497,15 @@ pg_size_pretty(PG_FUNCTION_ARGS)
                                                         (size + mult / 2) / mult);
                                else
                                {
+                                       /* Here we have to worry about avoiding overflow */
+                                       int64   val;
+
                                        mult *= 1024;
+                                       val = size / mult;
+                                       if ((size % mult) >= (mult / 2))
+                                               val++;
                                        snprintf(buf, sizeof(buf), INT64_FORMAT " TB",
-                                                        (size + mult / 2) / mult);
+                                                        val);
                                }
                        }
                }