diff options
author | Thomas Munro | 2024-03-02 19:40:41 +0000 |
---|---|---|
committer | Thomas Munro | 2024-03-02 19:40:41 +0000 |
commit | 1e013746544bd1f9df70f5547894fd72719c4b85 (patch) | |
tree | 0c8693ce73a54ae140660ecd45fa3e75018bb533 | |
parent | 653b55b57081dc6fb8c75d61870c5fdc8c8554cc (diff) |
Fix overflow in Windows replacement pg_pread/pg_pwrite.
When calling the Windows file I/O APIs there is an implicit conversion
from size_t to DWORD, which could overflow. Clamp the size at 1GB to
avoid that.
Not a really a live bug as we don't expect anything in PostgreSQL to
call with such large values.
Reviewed-by: Peter Eisentraut <[email protected]>
Discussion: https://postgr.es/m/1672202.1703441340%40sss.pgh.pa.us
-rw-r--r-- | src/port/win32pread.c | 3 | ||||
-rw-r--r-- | src/port/win32pwrite.c | 3 |
2 files changed, 6 insertions, 0 deletions
diff --git a/src/port/win32pread.c b/src/port/win32pread.c index e1a066fdbe..2d022e6d37 100644 --- a/src/port/win32pread.c +++ b/src/port/win32pread.c @@ -30,6 +30,9 @@ pg_pread(int fd, void *buf, size_t size, off_t offset) return -1; } + /* Avoid overflowing DWORD. */ + size = Min(size, 1024 * 1024 * 1024); + /* Note that this changes the file position, despite not using it. */ overlapped.Offset = offset; if (!ReadFile(handle, buf, size, &result, &overlapped)) diff --git a/src/port/win32pwrite.c b/src/port/win32pwrite.c index c54bf041bf..b37bb2f92e 100644 --- a/src/port/win32pwrite.c +++ b/src/port/win32pwrite.c @@ -30,6 +30,9 @@ pg_pwrite(int fd, const void *buf, size_t size, off_t offset) return -1; } + /* Avoid overflowing DWORD. */ + size = Min(size, 1024 * 1024 * 1024); + /* Note that this changes the file position, despite not using it. */ overlapped.Offset = offset; if (!WriteFile(handle, buf, size, &result, &overlapped)) |