From: Tom Lane <tgl@sss.pgh.pa.us>
Date: Mon, 2 Feb 2004 03:07:14 +0000 (+0000)
Subject: Avoid generating invalid character encoding sequences in make_greater_string.
X-Git-Tag: REL7_4_2~47
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=a8fcb748e35248c82fe15991958ed9e5e3b8c8dd;p=postgresql

Avoid generating invalid character encoding sequences in make_greater_string.
Not sure how this mistake evaded detection for so long.
---

diff --git a/src/backend/utils/adt/selfuncs.c b/src/backend/utils/adt/selfuncs.c
index dbe930618b..77986d4ca8 100644
--- a/src/backend/utils/adt/selfuncs.c
+++ b/src/backend/utils/adt/selfuncs.c
@@ -15,7 +15,7 @@
  *
  *
  * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/backend/utils/adt/selfuncs.c,v 1.147.2.1 2003/12/07 04:12:50 joe Exp $
+ *	  $Header: /cvsroot/pgsql/src/backend/utils/adt/selfuncs.c,v 1.147.2.2 2004/02/02 03:07:14 tgl Exp $
  *
  *-------------------------------------------------------------------------
  */
@@ -3738,6 +3738,11 @@ pattern_selectivity(Const *patt, Pattern_Type ptype)
  *
  * This could be rather slow in the worst case, but in most cases we
  * won't have to try more than one or two strings before succeeding.
+ *
+ * NOTE: at present this assumes we are in the C locale, so that simple
+ * bytewise comparison applies.  However, we might be in a multibyte
+ * encoding such as UTF-8, so we do have to watch out for generating
+ * invalid encoding sequences.
  */
 Const *
 make_greater_string(const Const *str_const)
@@ -3784,13 +3789,20 @@ make_greater_string(const Const *str_const)
 		/*
 		 * Try to generate a larger string by incrementing the last byte.
 		 */
-		if (*lastchar < (unsigned char) 255)
+		while (*lastchar < (unsigned char) 255)
 		{
 			Const	   *workstr_const;
 
 			(*lastchar)++;
+
 			if (datatype != BYTEAOID)
+			{
+				/* do not generate invalid encoding sequences */
+				if (!pg_verifymbstr((const unsigned char *) workstr,
+									len, true))
+					continue;
 				workstr_const = string_to_const(workstr, datatype);
+			}
 			else
 				workstr_const = string_to_bytea_const(workstr, len);