NotificationsYou must be signed in to change notification settings
Fork6
Star31

Commitdb8855b

committed

Fix mis-rounding and overflow hazards in date_bin().

In the case where the target timestamp is before the origin timestampand their difference is already an exact multiple of the stride, thecode incorrectly subtracted the stride anyway.Also detect several integer-overflow cases that previously producedbogus results. (The submitted patch tried to avoid overflow, butI'm not convinced it's right, and problematic cases are so far out ofthe plausibly-useful range that they don't seem worth sweating over.Let's just use overflow-detecting arithmetic and throw errors.)timestamp_bin() and timestamptz_bin() are basically identical andso had identical bugs. Fix both.Report and patch by Moaaz Assali, adjusted some by me. Back-patchto v14 where date_bin() was introduced.Discussion:https://postgr.es/m/CALkF+nvtuas-2kydG-WfofbRSJpyODAJWun==W-yO5j2R4meqA@mail.gmail.com

1 parent172d7f7 commitdb8855bCopy full SHA for db8855b

File tree

5 files changed

+97

-19

lines changed

src
- backend/utils/adt
  - timestamp.c
- test/regress
  - expected
    - timestamp.out
    - timestamptz.out
  - sql
    - timestamp.sql
    - timestamptz.sql

5 files changed

+97

-19

lines changed

`‎src/backend/utils/adt/timestamp.c`

Lines changed: 53 additions & 19 deletions

Original file line number	Diff line number	Diff line change
`@@ -3924,8 +3924,9 @@ timestamp_bin(PG_FUNCTION_ARGS)`
`3924`	`3924`	`Timestamptimestamp=PG_GETARG_TIMESTAMP(1);`
`3925`	`3925`	`Timestamporigin=PG_GETARG_TIMESTAMP(2);`
`3926`	`3926`	`Timestampresult,`
`3927`		`-tm_diff,`
`3928`	`3927`	`stride_usecs,`
	`3928`	`+tm_diff,`
	`3929`	`+tm_modulo,`
`3929`	`3930`	`tm_delta;`
`3930`	`3931`
`3931`	`3932`	`if (TIMESTAMP_NOT_FINITE(timestamp))`
`@@ -3941,24 +3942,40 @@ timestamp_bin(PG_FUNCTION_ARGS)`
`3941`	`3942`	`(errcode(ERRCODE_FEATURE_NOT_SUPPORTED),`
`3942`	`3943`	`errmsg("timestamps cannot be binned into intervals containing months or years")));`
`3943`	`3944`
`3944`		`-stride_usecs=stride->day*USECS_PER_DAY+stride->time;`
	`3945`	`+if (unlikely(pg_mul_s64_overflow(stride->day,USECS_PER_DAY,&stride_usecs))\|\|`
	`3946`	`+unlikely(pg_add_s64_overflow(stride_usecs,stride->time,&stride_usecs)))`
	`3947`	`+ereport(ERROR,`
	`3948`	`+(errcode(ERRCODE_DATETIME_VALUE_OUT_OF_RANGE),`
	`3949`	`+errmsg("interval out of range")));`
`3945`	`3950`
`3946`	`3951`	`if (stride_usecs <=0)`
`3947`	`3952`	`ereport(ERROR,`
`3948`	`3953`	`(errcode(ERRCODE_DATETIME_VALUE_OUT_OF_RANGE),`
`3949`	`3954`	`errmsg("stride must be greater than zero")));`
`3950`	`3955`
`3951`		`-tm_diff=timestamp-origin;`
`3952`		`-tm_delta=tm_diff-tm_diff %stride_usecs;`
	`3956`	`+if (unlikely(pg_sub_s64_overflow(timestamp,origin,&tm_diff)))`
	`3957`	`+ereport(ERROR,`
	`3958`	`+(errcode(ERRCODE_DATETIME_VALUE_OUT_OF_RANGE),`
	`3959`	`+errmsg("interval out of range")));`
	`3960`	`+`
	`3961`	`+/* These calculations cannot overflow */`
	`3962`	`+tm_modulo=tm_diff %stride_usecs;`
	`3963`	`+tm_delta=tm_diff-tm_modulo;`
	`3964`	`+result=origin+tm_delta;`
`3953`	`3965`
`3954`	`3966`	`/*`
`3955`		`- * Make sure the returned timestamp is at the start of the bin, even if`
`3956`		`- * the origin is in the future.`
	`3967`	`+ * We want to round towards -infinity, not 0, when tm_diff is negative and`
	`3968`	`+ * not a multiple of stride_usecs. This adjustment can cause overflow,`
	`3969`	`+ * since the result might now be out of the range origin .. timestamp.`
`3957`	`3970`	`*/`
`3958`		`-if (origin>timestamp&&stride_usecs>1)`
`3959`		`-tm_delta-=stride_usecs;`
`3960`		`-`
`3961`		`-result=origin+tm_delta;`
	`3971`	`+if (tm_modulo<0)`
	`3972`	`+{`
	`3973`	`+if (unlikely(pg_sub_s64_overflow(result,stride_usecs,&result))\|\|`
	`3974`	`+!IS_VALID_TIMESTAMP(result))`
	`3975`	`+ereport(ERROR,`
	`3976`	`+(errcode(ERRCODE_DATETIME_VALUE_OUT_OF_RANGE),`
	`3977`	`+errmsg("timestamp out of range")));`
	`3978`	`+}`
`3962`	`3979`
`3963`	`3980`	`PG_RETURN_TIMESTAMP(result);`
`3964`	`3981`	`}`
`@@ -4109,6 +4126,7 @@ timestamptz_bin(PG_FUNCTION_ARGS)`
`4109`	`4126`	`TimestampTzresult,`
`4110`	`4127`	`stride_usecs,`
`4111`	`4128`	`tm_diff,`
	`4129`	`+tm_modulo,`
`4112`	`4130`	`tm_delta;`
`4113`	`4131`
`4114`	`4132`	`if (TIMESTAMP_NOT_FINITE(timestamp))`
`@@ -4124,24 +4142,40 @@ timestamptz_bin(PG_FUNCTION_ARGS)`
`4124`	`4142`	`(errcode(ERRCODE_FEATURE_NOT_SUPPORTED),`
`4125`	`4143`	`errmsg("timestamps cannot be binned into intervals containing months or years")));`
`4126`	`4144`
`4127`		`-stride_usecs=stride->day*USECS_PER_DAY+stride->time;`
	`4145`	`+if (unlikely(pg_mul_s64_overflow(stride->day,USECS_PER_DAY,&stride_usecs))\|\|`
	`4146`	`+unlikely(pg_add_s64_overflow(stride_usecs,stride->time,&stride_usecs)))`
	`4147`	`+ereport(ERROR,`
	`4148`	`+(errcode(ERRCODE_DATETIME_VALUE_OUT_OF_RANGE),`
	`4149`	`+errmsg("interval out of range")));`
`4128`	`4150`
`4129`	`4151`	`if (stride_usecs <=0)`
`4130`	`4152`	`ereport(ERROR,`
`4131`	`4153`	`(errcode(ERRCODE_DATETIME_VALUE_OUT_OF_RANGE),`
`4132`	`4154`	`errmsg("stride must be greater than zero")));`
`4133`	`4155`
`4134`		`-tm_diff=timestamp-origin;`
`4135`		`-tm_delta=tm_diff-tm_diff %stride_usecs;`
	`4156`	`+if (unlikely(pg_sub_s64_overflow(timestamp,origin,&tm_diff)))`
	`4157`	`+ereport(ERROR,`
	`4158`	`+(errcode(ERRCODE_DATETIME_VALUE_OUT_OF_RANGE),`
	`4159`	`+errmsg("interval out of range")));`
	`4160`	`+`
	`4161`	`+/* These calculations cannot overflow */`
	`4162`	`+tm_modulo=tm_diff %stride_usecs;`
	`4163`	`+tm_delta=tm_diff-tm_modulo;`
	`4164`	`+result=origin+tm_delta;`
`4136`	`4165`
`4137`	`4166`	`/*`
`4138`		`- * Make sure the returned timestamp is at the start of the bin, even if`
`4139`		`- * the origin is in the future.`
	`4167`	`+ * We want to round towards -infinity, not 0, when tm_diff is negative and`
	`4168`	`+ * not a multiple of stride_usecs. This adjustment can cause overflow,`
	`4169`	`+ * since the result might now be out of the range origin .. timestamp.`
`4140`	`4170`	`*/`
`4141`		`-if (origin>timestamp&&stride_usecs>1)`
`4142`		`-tm_delta-=stride_usecs;`
`4143`		`-`
`4144`		`-result=origin+tm_delta;`
	`4171`	`+if (tm_modulo<0)`
	`4172`	`+{`
	`4173`	`+if (unlikely(pg_sub_s64_overflow(result,stride_usecs,&result))\|\|`
	`4174`	`+!IS_VALID_TIMESTAMP(result))`
	`4175`	`+ereport(ERROR,`
	`4176`	`+(errcode(ERRCODE_DATETIME_VALUE_OUT_OF_RANGE),`
	`4177`	`+errmsg("timestamp out of range")));`
	`4178`	`+}`
`4145`	`4179`
`4146`	`4180`	`PG_RETURN_TIMESTAMPTZ(result);`
`4147`	`4181`	`}`

`‎src/test/regress/expected/timestamp.out`

Lines changed: 14 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -699,6 +699,13 @@ SELECT date_bin('5 min'::interval, timestamp '2020-02-01 01:01:01', timestamp '2`
`699`	`699`	`Sat Feb 01 00:57:30 2020`
`700`	`700`	`(1 row)`
`701`	`701`
	`702`	`+-- test roundoff edge case when source < origin`
	`703`	`+SELECT date_bin('30 minutes'::interval, timestamp '2024-02-01 15:00:00', timestamp '2024-02-01 17:00:00');`
	`704`	`+ date_bin`
	`705`	`+--------------------------`
	`706`	`+ Thu Feb 01 15:00:00 2024`
	`707`	`+(1 row)`
	`708`	`+`
`702`	`709`	`-- disallow intervals with months or years`
`703`	`710`	`SELECT date_bin('5 months'::interval, timestamp '2020-02-01 01:01:01', timestamp '2001-01-01');`
`704`	`711`	`ERROR: timestamps cannot be binned into intervals containing months or years`
`@@ -710,6 +717,13 @@ ERROR: stride must be greater than zero`
`710`	`717`	`-- disallow negative intervals`
`711`	`718`	`SELECT date_bin('-2 days'::interval, timestamp '1970-01-01 01:00:00' , timestamp '1970-01-01 00:00:00');`
`712`	`719`	`ERROR: stride must be greater than zero`
	`720`	`+-- test overflow cases`
	`721`	`+select date_bin('15 minutes'::interval, timestamp '294276-12-30', timestamp '4000-12-20 BC');`
	`722`	`+ERROR: interval out of range`
	`723`	`+select date_bin('200000000 days'::interval, '2024-02-01'::timestamp, '2024-01-01'::timestamp);`
	`724`	`+ERROR: interval out of range`
	`725`	`+select date_bin('365000 days'::interval, '4400-01-01 BC'::timestamp, '4000-01-01 BC'::timestamp);`
	`726`	`+ERROR: timestamp out of range`
`713`	`727`	`-- Test casting within a BETWEEN qualifier`
`714`	`728`	`SELECT d1 - timestamp without time zone '1997-01-02' AS diff`
`715`	`729`	`FROM TIMESTAMP_TBL`

`‎src/test/regress/expected/timestamptz.out`

Lines changed: 14 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -743,6 +743,13 @@ SELECT date_bin('5 min'::interval, timestamptz '2020-02-01 01:01:01+00', timesta`
`743`	`743`	`Fri Jan 31 16:57:30 2020 PST`
`744`	`744`	`(1 row)`
`745`	`745`
	`746`	`+-- test roundoff edge case when source < origin`
	`747`	`+SELECT date_bin('30 minutes'::interval, timestamptz '2024-02-01 15:00:00', timestamptz '2024-02-01 17:00:00');`
	`748`	`+ date_bin`
	`749`	`+------------------------------`
	`750`	`+ Thu Feb 01 15:00:00 2024 PST`
	`751`	`+(1 row)`
	`752`	`+`
`746`	`753`	`-- disallow intervals with months or years`
`747`	`754`	`SELECT date_bin('5 months'::interval, timestamp with time zone '2020-02-01 01:01:01+00', timestamp with time zone '2001-01-01+00');`
`748`	`755`	`ERROR: timestamps cannot be binned into intervals containing months or years`
`@@ -754,6 +761,13 @@ ERROR: stride must be greater than zero`
`754`	`761`	`-- disallow negative intervals`
`755`	`762`	`SELECT date_bin('-2 days'::interval, timestamp with time zone '1970-01-01 01:00:00+00' , timestamp with time zone '1970-01-01 00:00:00+00');`
`756`	`763`	`ERROR: stride must be greater than zero`
	`764`	`+-- test overflow cases`
	`765`	`+select date_bin('15 minutes'::interval, timestamptz '294276-12-30', timestamptz '4000-12-20 BC');`
	`766`	`+ERROR: interval out of range`
	`767`	`+select date_bin('200000000 days'::interval, '2024-02-01'::timestamptz, '2024-01-01'::timestamptz);`
	`768`	`+ERROR: interval out of range`
	`769`	`+select date_bin('365000 days'::interval, '4400-01-01 BC'::timestamptz, '4000-01-01 BC'::timestamptz);`
	`770`	`+ERROR: timestamp out of range`
`757`	`771`	`-- Test casting within a BETWEEN qualifier`
`758`	`772`	`SELECT d1 - timestamp with time zone '1997-01-02' AS diff`
`759`	`773`	`FROM TIMESTAMPTZ_TBL`

`‎src/test/regress/sql/timestamp.sql`

Lines changed: 8 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -259,6 +259,9 @@ FROM (`
`259`	`259`	`-- shift bins using the origin parameter:`
`260`	`260`	`SELECT date_bin('5 min'::interval,timestamp'2020-02-01 01:01:01',timestamp'2020-02-01 00:02:30');`
`261`	`261`
	`262`	`+-- test roundoff edge case when source < origin`
	`263`	`+SELECT date_bin('30 minutes'::interval,timestamp'2024-02-01 15:00:00',timestamp'2024-02-01 17:00:00');`
	`264`	`+`
`262`	`265`	`-- disallow intervals with months or years`
`263`	`266`	`SELECT date_bin('5 months'::interval,timestamp'2020-02-01 01:01:01',timestamp'2001-01-01');`
`264`	`267`	`SELECT date_bin('5 years'::interval,timestamp'2020-02-01 01:01:01',timestamp'2001-01-01');`
`@@ -269,6 +272,11 @@ SELECT date_bin('0 days'::interval, timestamp '1970-01-01 01:00:00' , timestamp`
`269`	`272`	`-- disallow negative intervals`
`270`	`273`	`SELECT date_bin('-2 days'::interval,timestamp'1970-01-01 01:00:00' ,timestamp'1970-01-01 00:00:00');`
`271`	`274`
	`275`	`+-- test overflow cases`
	`276`	`+select date_bin('15 minutes'::interval,timestamp'294276-12-30',timestamp'4000-12-20 BC');`
	`277`	`+select date_bin('200000000 days'::interval,'2024-02-01'::timestamp,'2024-01-01'::timestamp);`
	`278`	`+select date_bin('365000 days'::interval,'4400-01-01 BC'::timestamp,'4000-01-01 BC'::timestamp);`
	`279`	`+`
`272`	`280`	`-- Test casting within a BETWEEN qualifier`
`273`	`281`	`SELECT d1-timestamp without time zone'1997-01-02'AS diff`
`274`	`282`	`FROM TIMESTAMP_TBL`

`‎src/test/regress/sql/timestamptz.sql`

Lines changed: 8 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -234,6 +234,9 @@ FROM (`
`234`	`234`	`-- shift bins using the origin parameter:`
`235`	`235`	`SELECT date_bin('5 min'::interval,timestamptz'2020-02-01 01:01:01+00',timestamptz'2020-02-01 00:02:30+00');`
`236`	`236`
	`237`	`+-- test roundoff edge case when source < origin`
	`238`	`+SELECT date_bin('30 minutes'::interval,timestamptz'2024-02-01 15:00:00',timestamptz'2024-02-01 17:00:00');`
	`239`	`+`
`237`	`240`	`-- disallow intervals with months or years`
`238`	`241`	`SELECT date_bin('5 months'::interval,timestamp with time zone'2020-02-01 01:01:01+00',timestamp with time zone'2001-01-01+00');`
`239`	`242`	`SELECT date_bin('5 years'::interval,timestamp with time zone'2020-02-01 01:01:01+00',timestamp with time zone'2001-01-01+00');`
`@@ -244,6 +247,11 @@ SELECT date_bin('0 days'::interval, timestamp with time zone '1970-01-01 01:00:0`
`244`	`247`	`-- disallow negative intervals`
`245`	`248`	`SELECT date_bin('-2 days'::interval,timestamp with time zone'1970-01-01 01:00:00+00' ,timestamp with time zone'1970-01-01 00:00:00+00');`
`246`	`249`
	`250`	`+-- test overflow cases`
	`251`	`+select date_bin('15 minutes'::interval,timestamptz'294276-12-30',timestamptz'4000-12-20 BC');`
	`252`	`+select date_bin('200000000 days'::interval,'2024-02-01'::timestamptz,'2024-01-01'::timestamptz);`
	`253`	`+select date_bin('365000 days'::interval,'4400-01-01 BC'::timestamptz,'4000-01-01 BC'::timestamptz);`
	`254`	`+`
`247`	`255`	`-- Test casting within a BETWEEN qualifier`
`248`	`256`	`SELECT d1-timestamp with time zone'1997-01-02'AS diff`
`249`	`257`	`FROM TIMESTAMPTZ_TBL`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commitdb8855b

File tree

5 files changed

5 files changed

`‎src/backend/utils/adt/timestamp.c`

`‎src/test/regress/expected/timestamp.out`

`‎src/test/regress/expected/timestamptz.out`

`‎src/test/regress/sql/timestamp.sql`

`‎src/test/regress/sql/timestamptz.sql`

0 commit comments