Received: from malur.postgresql.org ([217.196.149.56])
	by arkaria.postgresql.org with esmtps  (TLS1.3) tls
 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.96)
	(envelope-from <pgsql-bugs-owner+archive@lists.postgresql.org>)
	id 1wVeis-0026o2-2S
	for pgsql-bugs@arkaria.postgresql.org;
	Sat, 06 Jun 2026 00:17:10 +0000
Received: from localhost ([127.0.0.1] helo=malur.postgresql.org)
	by malur.postgresql.org with esmtp (Exim 4.96)
	(envelope-from <pgsql-bugs-owner+archive@lists.postgresql.org>)
	id 1wVeir-00FM21-2E
	for pgsql-bugs@arkaria.postgresql.org;
	Sat, 06 Jun 2026 00:17:09 +0000
Received: from makus.postgresql.org ([2001:4800:3e1:1::229])
	by malur.postgresql.org with esmtps  (TLS1.3) tls
 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.96)
	(envelope-from <michael@paquier.xyz>)
	id 1wVeir-00FM1d-1R
	for pgsql-bugs@lists.postgresql.org;
	Sat, 06 Jun 2026 00:17:09 +0000
Received: from fhigh-b7-smtp.messagingengine.com ([202.12.124.158])
	by makus.postgresql.org with esmtps  (TLS1.3) tls
 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.98.2)
	(envelope-from <michael@paquier.xyz>)
	id 1wVeip-00000001Jrm-37nL
	for pgsql-bugs@postgresql.org;
	Sat, 06 Jun 2026 00:17:08 +0000
Received: from phl-compute-02.internal (phl-compute-02.internal [10.202.2.42])
	by mailfhigh.stl.internal (Postfix) with ESMTP id 162CB7A0057;
	Fri,  5 Jun 2026 20:17:07 -0400 (EDT)
Received: from phl-frontend-04 ([10.202.2.163])
  by phl-compute-02.internal (MEProxy); Fri, 05 Jun 2026 20:17:07 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=paquier.xyz; h=
	cc:cc:content-type:content-type:date:date:from:from:in-reply-to
	:in-reply-to:message-id:mime-version:references:reply-to:subject
	:subject:to:to; s=fm1; t=1780705026; x=1780791426; bh=WQTCbjEw2/
	SFLLlggIPAgQp5jKLDtZ0tfJOmsy9no1U=; b=GfzyR9adLN1kxof8SBukLdhPQj
	QBx1psfL9Na0iBfQTpduW3rZsY9Az6/NVyoYmPQ7XY8S4ZU8f82qd/5DLNthnC9t
	YYk7V5ViZ0sK3ZhG+Z9pw60KvYjsxBXjbv45cbnFcpNi293mNKIlfrq1PoWYBnHH
	0PrNoRjvXdj9EXjI3KvzzIq5fBuE0yGynfP/m2qY9yQRQtyK0dHpb9JD9Lh0TBt+
	0DbcmMqbf2o6KmMHF8CudYmsaUM6bDMGBvFWePAKzUApvPdzIJyAu63XeLeBKbsT
	ho5eeV+G+segv318MZHaIKQBkyRGffDSP211m3txGcskcXRfHiwKU/i+HyHw==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
	messagingengine.com; h=cc:cc:content-type:content-type:date:date
	:feedback-id:feedback-id:from:from:in-reply-to:in-reply-to
	:message-id:mime-version:references:reply-to:subject:subject:to
	:to:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm1; t=
	1780705026; x=1780791426; bh=WQTCbjEw2/SFLLlggIPAgQp5jKLDtZ0tfJO
	msy9no1U=; b=D7dHQG95LyHNTTtSyKpGdBPaymhur092keQ6weLF/QColceL160
	0ypigZ8MMr8RMshjaQQyp0MDhhkFejRFdXjCJzR7PWpOvNIovB3Jfbx22xd/iL2G
	NXjJ9/om0qIeMDXJMpzQY0JAXM+PY0onvzczDUZYzFI6Ybwuln/XltyYkY7BYeQm
	MjtxxMhqQCJbSrMRU2tRb20+44gOuaUs2pzo15gHxaogih3UPVW9Dtlxc0gNiV2k
	jxsQSfGqKN1rNCns2P+xfQ0KssGfw+2shxXMSptNRzKebEl+TDRdUpSTQLymbJRl
	omtwpQ3sE8N7ST2QTaAbbm9glUapQLMrADQ==
X-ME-Sender: <xms:Amcjamh0pgaE4OKOelKIeiMMWiH2IejY4bnNuf7yZcWUZqAAgtRxUA>
    <xme:AmcjauDAg0QvsLsfPrLkdA83M7_n7mO1kaXaya8c6FwA2Thqh726E71Pm7nl-RKU6
    V_8rChbz9np4NqDxkdYh_SaKTJq2kqtE0JQzVm4UjMpRKUMUursSg>
X-ME-Received: 
 <xmr:AmcjajFtzAepqVX5588E-9uUO1nh7WEthJBRXhE_DxJt6iSnZQk3dA3npQf9HmCk>
X-ME-Proxy-Cause: 
 dmFkZTGzxcjrimVecajvSS1REPgyW5KuL3AZwo3XBJwJNvDdiqsj+hGeLA0AqiSsW2pZor
    eHH3iCjLA652tqyXPLUT3xONUnbEdfsh7IP9vxSdUwTSpHr6qIKLs5ew1sIxg17ij2tGic
    Gpl4LylkUv+4CBU5KM6pRp6L0YygomxHwW4//ocKAN0lAHhakQf4aGcsc5cpWdhhaXn2AI
    WXylrzP0kZ2twqotn8RW2P+Gg2922ktA8dP90wmIGbgV3+iOK1ONVwqkzTbTCJKuqJ5p5q
    WdYejwuZxrSEVU6hAdM/1qtwbulHVgRoV5WWUSnu2fyqHwAwjsJkvegrHWSnEgI99y9RY3
    cVNxiFRMJDBkgCS1ljJnzFrrdDEAE5JiE9Yc9NPJ0kRcUuh0YkRN1nFAZGHvjH9dKikOLg
    ePELHYcQr9qbJ9q0IPMuRwzWbmqrbGAFZyfCSDlgTqjNz4xZ4NnDHT6cT992Ap1TndURnl
    Mb52GUKYs2G5KX8ENNiXpDoiGWNNxnMC7dCqhvtJBglpHBY1RtrTaPubFBO2Orn65WsMC7
    AuBWaaMJR8Gpb/yyds85tkciZZWwXluYsSJvN6YFfJoiwpcr0t2njlFKigoru7ur7srshn
    668gHqyYbvhk4/PLapLBOVqyuKwRW5gotIjYNmtJNo5OQCpNnwibygHpwwkw
X-ME-Proxy: <xmx:AmcjauKRcPxDr-rZ_tanGanqw1sWINRLdc_N8fihwuY-oJROp6ApXA>
    <xmx:AmcjavlemMTjcyYcQOuxsLoaXmQfH5TJMYSAcj9V_HmtXrNZxX7gCA>
    <xmx:AmcjauRzVmT7atxRH5hK2MdyKSPBaZrvBJvI1KWwz9n70fUzv8BLcg>
    <xmx:AmcjapJDCXuSpnw9nGOaHJYJ4c4coGUjtExF5EFn2d7FI8Jj6j8jGA>
    <xmx:AmcjatBYZvV6M1NpTKMzWzUSXFoiAohDFnylUITiklL9YNvIBgBfOExR>
Feedback-ID: i0fe9450f:Fastmail
Received: by mail.messagingengine.com (Postfix) with ESMTPA; Fri,
 5 Jun 2026 20:17:04 -0400 (EDT)
Date: Sat, 6 Jun 2026 09:17:00 +0900
From: Michael Paquier <michael@paquier.xyz>
To: Ashutosh Sharma <ashu.coek88@gmail.com>
Cc: surya poondla <suryapoondla4@gmail.com>,
	"violin0613@tju.edu.cn" <violin0613@tju.edu.cn>,
	pgsql-bugs@postgresql.org
Subject: Re: Fw: Re: heap_force_common in contrib/pg_surgery/heap_surgery.c
 has an off by one stack buffer overflow
Message-ID: <aiNm_J8qJgfCLPNW@paquier.xyz>
References: <20260604002256.40f1fd544@smtp.qiye.163.com>
 <CAOVWO5p-nQ2ki88uAUO5TNWNZDmX-ZZZmJ3307K0xnsg4q75rA@mail.gmail.com>
 <aiEpyJteDv3q-EMi@paquier.xyz>
 <CAE9k0P=sDshMaBDZzEfNPVo62w7PmnecKhtXX-Zn=AzeQ3k5kA@mail.gmail.com>
 <aiIHe-G6Kg1fXbeb@paquier.xyz>
 <aiJzQt3zRv7Dvm_4@paquier.xyz>
 <CAE9k0P=9M4RzzPpHFdYjPyvfxkEToY-iomUT7twZvKSwsVXQmA@mail.gmail.com>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha512;
	protocol="application/pgp-signature"; boundary="viae3X/XaYlw6u+n"
Content-Disposition: inline
In-Reply-To: 
 <CAE9k0P=9M4RzzPpHFdYjPyvfxkEToY-iomUT7twZvKSwsVXQmA@mail.gmail.com>
List-Id: <pgsql-bugs.lists.postgresql.org>
List-Help: <https://lists.postgresql.org/manage/>
List-Subscribe: <https://lists.postgresql.org/manage/>
List-Post: <mailto:pgsql-bugs@lists.postgresql.org>
List-Owner: <mailto:pgsql-bugs-owner@lists.postgresql.org>
List-Archive: <https://www.postgresql.org/list/pgsql-bugs>
Archived-At: 
 <https://www.postgresql.org/message-id/aiNm_J8qJgfCLPNW%40paquier.xyz>
Precedence: bulk


--viae3X/XaYlw6u+n
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

On Fri, Jun 05, 2026 at 01:30:42PM +0530, Ashutosh Sharma wrote:
> Since "offno" is already 1-based, there doesn't seem to be a need to
> subtract 1 from it and adjust the comparison accordingly.

Sure.  Changed as you have suggested here, and backpatched down to
v14.
--
Michael

--viae3X/XaYlw6u+n
Content-Type: application/pgp-signature; name=signature.asc

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEG72nH6vTowiyblFKnvQgOdbyQH0FAmojZvwACgkQnvQgOdby
QH0ZGg//TtP93l5Vlk84Wxn+WBdkUEAt7rwTtTqBh50MjQeAs5oWNekASwQ1G3d8
bcL+auYaq/jkOgkpRpGjrOWJbtPrCwbC3hrNqfMoV8QfKmYytan0xPYYGQGJVSWu
dtxGTrObf2EhWf/+NDrVDpfVlr+tWA7/jd1IQ6YFmeMlNMNP8K3JOOSLUk9/tqMP
DocDzcvn170nEf10nVIIbxmkA6H/U6ME9aZRma9wX86beeahLeyl1XXGyFB2HvYM
ZkAwQUXzJ1j63tLRqEBsNHyyYB90vP3mPjdFsAnQ4ARzejDnJkalkZEp6vhk0Knc
JUNaTm09SnoyCJLbehVb2IpMMDri9P++kYszFKR9VCBTSBNFrZWVblSY5kINpeVg
h9Dvu/L6tqGM4fE0Ga6mBe/lzVBsDw6lGhkAbOSTI7q9AkxqlPzoyfVenMF/RI0f
/D6PouU1DegmF4KrsFa203Ugv8Xx6UDAtswZ5rDRF+mU9qLWYy6BlbyHkh1OJ8DI
+Mk3Oj1az9Vg1QKms0/nhZx26r7e8PTpR1n2PpQcvkms0HgzktOTt+ULlZB5u0nI
TZxiwudVA+EejLnyq7xf8/Ghb5IQCYTk52G6Cdd75LHeapwaFJpD4QrRApIvzq4u
EyWPQPKJadE3gZJpGv41SUlBhTq0d4MG74+AO/yn73FrJ+nThGA=
=ZLFn
-----END PGP SIGNATURE-----

--viae3X/XaYlw6u+n--