Re: Minor binary-search int overflow in timezone code

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Jim Nasby <Jim(dot)Nasby(at)BlueTreble(dot)com>
Cc: Christoph Berg <cb(at)df7cb(dot)de>, PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: Minor binary-search int overflow in timezone code
Date: 2014-12-16 01:48:25
Message-ID: 14615.1418694505@sss.pgh.pa.us
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

Jim Nasby <Jim(dot)Nasby(at)BlueTreble(dot)com> writes:
> On 12/15/14, 1:39 PM, Christoph Berg wrote:
>> Well, if it's not interesting, let's just forget it. Sorry.

> At the risk of sticking my head in the lions mouth... this is the kind of response that deters people from contributing anything to the project, including reviewing patches. A simple "thanks, but we feel it's already clear enough that there can't be anywhere close to INT_MAX timezones" would have sufficed.

Yeah, I need to apologize. I was a bit on edge today due to the release
wrap (which you may have noticed wasn't going too smoothly), and should
not have responded like that.

Having said that, though, the submission wasn't carefully thought through
either. That problem was either not-an-issue or a potential security bug,
and if the submitter hadn't taken the time to be sure which, reporting it
in a public forum wasn't the way to proceed.

I also remain curious as to what sort of tool would complain about this
particular code and not the N other nearly-identical binary-search loops
in the PG sources, most of which deal with data structures potentially
far larger than the timezone data ...

regards, tom lane

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Noah Misch 2014-12-16 02:07:12 Re: tracking commit timestamps
Previous Message Michael Paquier 2014-12-16 01:38:27 Re: pg_rewind in contrib