> On 15 Jan 2021, at 10:24, Peter Eisentraut
> <peter.eisentr...@enterprisedb.com> wrote:
>
> I noticed this patch while working on another patch for pageinspect [0], and
> this one appears to introduce a problem similar to the one the other patch
> attempts to fix: The "itemlen" output parameters are declared to be of type
> smallint, but the underlying C data is of type uint16 (OffsetNumber). I
> don't know the details of gist enough to determine whether overflow is
> possible here. If not, perhaps a check or at least a comment would be
> useful. Otherwise, these parameters should be of type int in SQL.

Item offsets cannot exceed the maximum block size of 32768. And even
32768/sizeof(ItemId). Thus overflow is impossible.

An interesting question is whether pageinspect should protect itself from
corrupted input?
Generating a description from a bogus tuple can probably go wrong.

Best regards, Andrey Borodin.