Re: [PATCH] bms_prev_member() can read beyond the end of the array of allocated words

From: David Rowley <dgrowleyml(at)gmail(dot)com>
To: Greg Burd <greg(at)burd(dot)me>
Cc: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, PostgreSQL Hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org>
Subject: Re: [PATCH] bms_prev_member() can read beyond the end of the array of allocated words
Date: 2025-08-14 14:49:18
Message-ID: CAApHDvqRFbGZx_7FZ-VjVj8m6XzX_Hzmz=FbOvO6fGhNx0EggQ@mail.gmail.com
Views: Whole Thread | Raw Message | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

On Fri, 15 Aug 2025 at 02:21, Greg Burd <greg(at)burd(dot)me> wrote:
> I found this too, and also the "one above" part seemed wrong to me as well.

It is valid to pass prevbit as a->nwords * BITS_PER_BITMAPWORD as the
code does "prevbit--;". Maybe it would be less confusing if it were
written as:

* "prevbit" must be less than or equal to "a->nwords * BITS_PER_BITMAPWORD".

The Assert should be using <= rather than <.

David

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message KAZAR Ayoub 2025-08-14 14:59:55 Re: Speed up COPY FROM text/CSV parsing using SIMD
Previous Message Alexander Borisov 2025-08-14 14:41:42 Re: Improve the performance of Unicode Normalization Forms.