commit 1327c2eea9c7ca074d88bb167bd4c35338d2de0b Author: Alvaro Herrera AuthorDate: Tue Jan 10 02:46:42 2017 -0300 CommitDate: Tue Jan 10 02:46:42 2017 -0300 Fix overflow check in StringInfo A thinko I introduced in fa2fa9955280. Also, amend a similarly broken comment. Report and patch by Daniel Vérité. Discussion: https://postgr.es/m/1706e85e-60d2-494e-8a64-9af1e1b2186e@manitou-mail.org diff --git a/src/backend/lib/stringinfo.c b/src/backend/lib/stringinfo.c index bdc204e..11d751a 100644 --- a/src/backend/lib/stringinfo.c +++ b/src/backend/lib/stringinfo.c @@ -313,19 +313,19 @@ enlargeStringInfo(StringInfo str, int needed) * for efficiency, double the buffer size each time it overflows. * Actually, we might need to more than double it if 'needed' is big... */ - newlen = 2 * str->maxlen; - while (needed > newlen) + newlen = 2 * (Size) str->maxlen; + while ((Size) needed > newlen) newlen = 2 * newlen; /* * Clamp to the limit in case we went past it. Note we are assuming here - * that limit <= INT_MAX/2, else the above loop could overflow. We will + * that limit <= UINT_MAX/2, else the above loop could overflow. We will * still have newlen >= needed. */ if (newlen > limit) newlen = limit; - str->data = (char *) repalloc_huge(str->data, (Size) newlen); + str->data = (char *) repalloc_huge(str->data, newlen); str->maxlen = newlen; }