From 2e82d0b396473b595a30f68b37b8dfd41c37dff8 Mon Sep 17 00:00:00 2001
From: Tom Lane
Date: Tue, 10 May 2011 20:36:22 -0400
Subject: [PATCH] Prevent datebsearch() from crashing on base == NULL && nel == 0.

Normally nel == 0 works okay because the initial value of "last" will be less than "base"; but if "base" is zero then the calculation wraps around and we have a very large (unsigned) value for "last", so that the loop can be entered and we get a SIGSEGV on a bogus pointer. This is certainly the proximate cause of the recent reports of Windows builds crashing on 'infinity'::timestamp --- evidently, they're either not setting an active timezonetktbl, or setting an empty one. It's not yet clear to me why it's only happening on Windows and not happening on any buildfarm member. But even if that's due to some bug elsewhere, it seems wise for this function to not choke on the powerup values of timezonetktbl/sztimezonetktbl. I also changed the copy of this code in ecpglib, although I am not sure whether it's exposed to a similar hazard. Per report and stack trace from Richard Broersma.
---
 src/backend/utils/adt/datetime.c | 31 ++++++++++++----------
 src/interfaces/ecpg/pgtypeslib/dt_common.c | 31 ++++++++++++----------
 2 files changed, 34 insertions(+), 28 deletions(-)

diff --git a/src/backend/utils/adt/datetime.c b/src/backend/utils/adt/datetime.c
index db0a6487ac..0a12a9b2e1 100644
--- a/src/backend/utils/adt/datetime.c
+++ b/src/backend/utils/adt/datetime.c
@@ -3569,24 +3569,27 @@ DateTimeParseError(int dterr, const char *str, const char *datatype)
 static const datetkn *
 datebsearch(const char *key, const datetkn *base, int nel)
 {
- const datetkn *last = base + nel - 1,
- *position;
- int result;
-
- while (last >= base)
+ if (nel > 0)
 {
- position = base + ((last - base) >> 1);
- result = key[0] - position->token[0];
- if (result == 0)
+ const datetkn *last = base + nel - 1,
+ *position;
+ int result;
+
+ while (last >= base)
 {
- result = strncmp(key, position->token, TOKMAXLEN);
+ position = base + ((last - base) >> 1);
+ result = key[0] - position->token[0];
 if (result == 0)
- return position;
+ {
+ result = strncmp(key, position->token, TOKMAXLEN);
+ if (result == 0)
+ return position;
+ }
+ if (result < 0)
+ last = position - 1;
+ else
+ base = position + 1;
 }
- if (result < 0)
- last = position - 1;
- else
- base = position + 1;
 }
 return NULL;
 }
diff --git a/src/interfaces/ecpg/pgtypeslib/dt_common.c b/src/interfaces/ecpg/pgtypeslib/dt_common.c
index da3224aae3..45f1f8affd 100644
--- a/src/interfaces/ecpg/pgtypeslib/dt_common.c
+++ b/src/interfaces/ecpg/pgtypeslib/dt_common.c
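Review bot: In datebsearch() in src/backend/utils/adt/datetime.c, `last = position - 1` still forms a pointer one element before the table whenever the key sorts below the first entry, and the `while (last >= base)` exit test depends on that pointer comparing lower than `base`. The added `if (nel > 0)` guard removes the wraparound only for the initial `base + nel - 1`; stepping below the start of an array is undefined behaviour in C, so the loop still relies on how the platform orders out-of-range addresses. Searching by integer index over a half-open window keeps every pointer inside the table and makes the empty-table case fall out without a separate guard. The copy in src/interfaces/ecpg/pgtypeslib/dt_common.c has the same loop and would take the same rewrite, keeping its `unsigned int nel` and non-const types.

```c
static const datetkn *
datebsearch(const char *key, const datetkn *base, int nel)
{
	int			lo = 0;
	int			hi = nel;		/* search window is [lo, hi) */

	/* nel <= 0 never enters the loop, so base is not touched at all */
	while (lo < hi)
	{
		int			mid = lo + (hi - lo) / 2;
		const datetkn *position = base + mid;
		int			result = key[0] - position->token[0];

		if (result == 0)
			result = strncmp(key, position->token, TOKMAXLEN);
		if (result == 0)
			return position;
		if (result < 0)
			hi = mid;
		else
			lo = mid + 1;
	}
	return NULL;
}
```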
@@ -512,24 +512,27 @@ char *pgtypes_date_months[] = {"January", "February", "March", "April", "May"
 static datetkn *
 datebsearch(char *key, datetkn *base, unsigned int nel)
 {
- datetkn *last = base + nel - 1,
- *position;
- int result;
-
- while (last >= base)
+ if (nel > 0)
 {
- position = base + ((last - base) >> 1);
- result = key[0] - position->token[0];
- if (result == 0)
+ datetkn *last = base + nel - 1,
+ *position;
+ int result;
+
+ while (last >= base)
 {
- result = strncmp(key, position->token, TOKMAXLEN);
+ position = base + ((last - base) >> 1);
+ result = key[0] - position->token[0];
 if (result == 0)
- return position;
+ {
+ result = strncmp(key, position->token, TOKMAXLEN);
+ if (result == 0)
+ return position;
+ }
+ if (result < 0)
+ last = position - 1;
+ else
+ base = position + 1;
 }
- if (result < 0)
- last = position - 1;
- else
- base = position + 1;
 }
 return NULL;
 }
--
2.40.0
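Review bot: The `if (nel > 0)` guard added to the ecpglib datebsearch() has no comment, and the commit message says it is not known whether this copy can be reached with a NULL table, so nothing in the file tells a later reader that the check is deliberate rather than redundant. For a non-NULL `base` the `while (last >= base)` test already ends the search on an empty table, which makes the guard look removable in a cleanup. A comment directly above it would keep it in place, for example `/* nel == 0 must not reach the loop: with base == NULL, base + nel - 1 wraps to a huge address that passes last >= base */`. Any header comment for datebsearch() lies above the hunk and is not visible here; the guard in src/backend/utils/adt/datetime.c would take the same comment.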