Dean Rasheed <dean.a.rash...@gmail.com> writes:
> Testing 9.1beta:
> select format('Hello %s, %2147483648$s', 'World');
> server closed the connection unexpectedly
Yeah, same here.
> do
> {
> /* Treat overflowing arg position as
> unterminated. */
> ! if (arg > INT_MAX / 10)
> break;
> arg = arg * 10 + (*cp - '0');
> ++cp;
> --- 3837,3843 ----
> do
> {
> /* Treat overflowing arg position as
> unterminated. */
> ! if (arg >= INT_MAX / 10)
> break;
> arg = arg * 10 + (*cp - '0');
> ++cp;
Not sure I trust this fix to catch all cases --- seems like the addition
could still overflow. It'd probably be better if we made this code look
like the overflow test in scanint8:
int64 newtmp = tmp * 10 + (*ptr++ - '0');
if ((newtmp / 10) != tmp) /* overflow? */
regards, tom lane
--
Sent via pgsql-bugs mailing list (pgsql-bugs@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-bugs
