Date: Fri, 5 Jun 2026 08:17:15 +0900
From: Michael Paquier
To: Ashutosh Sharma
Cc: surya poondla, violin0613@tju.edu.cn, pgsql-bugs@postgresql.org
Subject: Re: Fw: Re: heap_force_common in contrib/pg_surgery/heap_surgery.c has an off by one stack buffer overflow
References: <20260604002256.40f1fd544@smtp.qiye.163.com>
On Thu, Jun 04, 2026 at 02:42:23PM +0530, Ashutosh Sharma wrote:
> These are admittedly small risks, but they are real ones. Keeping the
> array 1-based eliminates that entire class of potential confusion and
> makes the code easier to maintain going forward. I'd lean toward
> Surya's approach for that reason.

That depends on the code path involved:
- pruneheap.c has "processed" and "htsv", that use a +1 index to avoid
  the subtraction, where we also worry about performance.
- heapam_handler.c has in_index, that uses a -1 index.

At the end, the first pattern is an outlier, we don't need to worry
about performance in pg_surgery, and we're talking about three lines of
code in pg_surgery to change (two for include_this_tid, one for the
assertion).

With all that in mind, I'd just do a -1 conversion and call it a day.
:)
--
Michael
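As an added example, not code from this thread or from PostgreSQL, the following toy C model shows the three array shapes the reply compares: a MaxHeapTuplesPerPage-sized array indexed directly by a 1-based offset (which walks one element past the end when the offset equals MaxHeapTuplesPerPage), the "+1 index" pattern that sizes the array one larger and leaves slot 0 unused, and the "-1 index" pattern that keeps the array at MaxHeapTuplesPerPage and subtracts one on every access. The OffsetNumber type and FirstOffsetNumber follow PostgreSQL's conventions; the MaxHeapTuplesPerPage value of 8, the function names and the input offsets are assumptions chosen to keep the example readable.

```c
/*
 * Toy model of the 1-based-offset-into-a-C-array issue discussed above.
 * Added example code, not PostgreSQL's own; MaxHeapTuplesPerPage is an
 * assumed toy value (the real one is much larger).
 */
#include <assert.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

typedef uint16_t OffsetNumber;               /* same width as PostgreSQL's type */
#define FirstOffsetNumber     ((OffsetNumber) 1)
#define MaxHeapTuplesPerPage  8              /* assumption: toy value */

/*
 * Buggy shape: bool include_this_tid[MaxHeapTuplesPerPage] has valid
 * indexes 0..MaxHeapTuplesPerPage-1, but heap offsets run 1..MaxHeapTuplesPerPage.
 * Instead of performing the out-of-bounds write, report whether a raw
 * offset used as an index would land past the end of such an array.
 */
static bool
direct_index_overflows(OffsetNumber off)
{
    return off >= MaxHeapTuplesPerPage;
}

/*
 * Pattern 1 (the pruneheap.c "+1 index" style): size the array
 * MaxHeapTuplesPerPage + 1 and index it with the raw offset; slot 0 is
 * never touched.  Returns how many offsets in FirstOffsetNumber..maxoff
 * were NOT in the requested list, i.e. the items left alone.
 */
static int
count_excluded_plus1(const OffsetNumber *offnos, int ntids, OffsetNumber maxoff)
{
    bool include_this_tid[MaxHeapTuplesPerPage + 1];
    int  excluded = 0;

    assert(maxoff <= MaxHeapTuplesPerPage);
    memset(include_this_tid, 0, sizeof(include_this_tid));
    for (int i = 0; i < ntids; i++)
    {
        assert(offnos[i] >= FirstOffsetNumber && offnos[i] <= MaxHeapTuplesPerPage);
        include_this_tid[offnos[i]] = true;          /* raw 1-based offset */
    }
    for (OffsetNumber off = FirstOffsetNumber; off <= maxoff; off++)
        if (!include_this_tid[off])
            excluded++;
    return excluded;
}

/*
 * Pattern 2 (the heapam_handler.c "-1 index" style, which the reply
 * proposes for pg_surgery): keep the array at MaxHeapTuplesPerPage and
 * subtract one on every access.
 */
static int
count_excluded_minus1(const OffsetNumber *offnos, int ntids, OffsetNumber maxoff)
{
    bool include_this_tid[MaxHeapTuplesPerPage];
    int  excluded = 0;

    assert(maxoff <= MaxHeapTuplesPerPage);
    memset(include_this_tid, 0, sizeof(include_this_tid));
    for (int i = 0; i < ntids; i++)
    {
        assert(offnos[i] >= FirstOffsetNumber && offnos[i] <= MaxHeapTuplesPerPage);
        include_this_tid[offnos[i] - 1] = true;      /* 0-based slot */
    }
    for (OffsetNumber off = FirstOffsetNumber; off <= maxoff; off++)
        if (!include_this_tid[off - 1])
            excluded++;
    return excluded;
}

int
main(void)
{
    /* Constructed input: request offsets 2 and 8 on a page holding 8 items. */
    OffsetNumber offnos[] = {2, MaxHeapTuplesPerPage};

    printf("raw index with off=%d overflows a %d-slot array: %s\n",
           MaxHeapTuplesPerPage, MaxHeapTuplesPerPage,
           direct_index_overflows(MaxHeapTuplesPerPage) ? "yes" : "no");
    printf("excluded (+1 pattern): %d\n",
           count_excluded_plus1(offnos, 2, MaxHeapTuplesPerPage));
    printf("excluded (-1 pattern): %d\n",
           count_excluded_minus1(offnos, 2, MaxHeapTuplesPerPage));
    return 0;
}
```

Both safe patterns give identical results; the choice between them is the one the reply makes on grounds of consistency with the surrounding file and how many lines change, not on correctness.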