mirror of
https://github.com/postgres/postgres.git
synced 2026-05-27 12:00:13 -04:00
cfb610eaa0
Sufficiently large "count" arguments could result in undetected overflow, causing the allocated memory chunk to be much smaller than what the caller will subsequently write into it. This is unlikely to be a hazard with 64-bit size_t but can sometimes happen on 32-bit builds, primarily where a function allocates workspace that's significantly larger than its input data. Rather than trying to patch the at-risk callers piecemeal, let's just redefine these macros so that they always check. To do that, move the longstanding add_size() and mul_size() functions into palloc.h and mcxt.c, and adjust them to not be specific to shared-memory allocation. Then invent palloc_mul(), palloc0_mul(), palloc_mul_extended() to use these functions. Actually, the latter use inlined copies to save one function call. repalloc_array() gets similar treatment. I didn't bother trying to inline the calls for repalloc0_array() though. In v14 and v15, this also adds repalloc_extended(), which previously was only available in v16 and up. We need copies of all this in fe_memutils.[hc] as well, since that module also provides palloc_array() etc. Reported-by: Xint Code Author: Tom Lane <tgl@sss.pgh.pa.us> Reviewed-by: Masahiko Sawada <sawada.mshk@gmail.com> Backpatch-through: 14 Security: CVE-2026-6473 |
||
|---|---|---|
| .. | ||
| archive.h | ||
| base64.h | ||
| checksum_helper.h | ||
| compression.h | ||
| config_info.h | ||
| connect.h | ||
| controldata_utils.h | ||
| cryptohash.h | ||
| fe_memutils.h | ||
| file_perm.h | ||
| file_utils.h | ||
| hashfn.h | ||
| hmac.h | ||
| int.h | ||
| int128.h | ||
| ip.h | ||
| jsonapi.h | ||
| keywords.h | ||
| kwlookup.h | ||
| link-canary.h | ||
| logging.h | ||
| md5.h | ||
| openssl.h | ||
| percentrepl.h | ||
| pg_lzcompress.h | ||
| pg_prng.h | ||
| relpath.h | ||
| restricted_token.h | ||
| saslprep.h | ||
| scram-common.h | ||
| sha1.h | ||
| sha2.h | ||
| shortest_dec.h | ||
| string.h | ||
| unicode_east_asian_fw_table.h | ||
| unicode_nonspacing_table.h | ||
| unicode_norm.h | ||
| unicode_norm_hashfunc.h | ||
| unicode_norm_table.h | ||
| unicode_normprops_table.h | ||
| username.h | ||