- Notifications
You must be signed in to change notification settings - Fork5.2k
Commit8ce7948
committed
read_stream: Fix overflow hazard with large shared buffers
If the limit returned by GetAdditionalPinLimit() is large, the buffer_limitvariable in read_stream_start_pending_read() can overflow. While the code iscareful to limit buffer_limit PG_INT16_MAX, we subsequently add the number offorwarded buffers.The overflow can lead to assertion failures, crashes or wrong query resultswhen using large shared buffers.It seems easier to avoid this if we make the buffer_limit variable an int,instead of an int16. Do so, and clamp buffer_limit after adding the number offorwarded buffers.It's possible we might want to address this and related issues more widely bychanging to int instead of int16 more widely, but since the consequences ofthis bug can be confusing, it seems better to fix it now.This bug was introduced ined0b87c.Discussion:https://postgr.es/m/ewvz3cbtlhrwqk7h6ca6cctiqh7r64ol3pzb3iyjycn2r5nxk5@tnhw3a5zatlr1 parent717d0e8 commit8ce7948
1 file changed
+4
-1
lines changed| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
237 | 237 | | |
238 | 238 | | |
239 | 239 | | |
240 | | - | |
| 240 | + | |
241 | 241 | | |
242 | 242 | | |
243 | 243 | | |
| |||
294 | 294 | | |
295 | 295 | | |
296 | 296 | | |
| 297 | + | |
297 | 298 | | |
| 299 | + | |
| 300 | + | |
298 | 301 | | |
299 | 302 | | |
300 | 303 | | |
| |||
0 commit comments
Comments
(0)