| From: | Andres Freund <andres(at)anarazel(dot)de> |
|---|---|
| To: | pgsql-hackers(at)postgresql(dot)org, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Subject: | overflow in snprintf() when printing INT64_MIN |
| Date: | 2018-09-28 00:11:21 |
| Message-ID: | 20180928001121.hhx5n6dsygqxr5wu@alap3.anarazel.de |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Hi,
I just noticed, while reviewing a patch that corrects overflow handing
in snprintf, that we don't correctly handle INT64_MIN in snprintf.c:
static void
fmtint(int64 value, char type, int forcesign, int leftjust,
int minlen, int zpad, int precision, int pointflag,
PrintfTarget *target)
{
...
/* Handle +/- */
if (dosign && adjust_sign((value < 0), forcesign, &signvalue))
value = -value;
If value already is INT64_MIN this can't work. It just happens to fail
to fail, because the later cast with (uint64) value "hides" the damage.
I suspect the best way to fix this, would be to instead do:
/* Handle +/- */
if (dosign && adjust_sign((value < 0), forcesign, &signvalue);
uvalue = -(uint64) value;
else
uvalue = (uint64) value;
Greetings,
Andres Freund
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2018-09-28 00:18:12 | Re: overflow in snprintf() when printing INT64_MIN |
| Previous Message | Andres Freund | 2018-09-27 23:09:11 | Re: [HACKERS] kqueue |