From: Varik Matevosyan
Date: Mon, 4 May 2026 15:26:50 +0400
Subject: [PATCH] contrib/xml2: guard against signed integer overflow in parse_params
To: pgsql-hackers@lists.postgresql.org

Hi,

Small robustness fix for contrib/xml2/parse_params. The doubling of max_params relies on signed-integer overflow wrapping to a value that AllocSizeIsValid then rejects, which is both UB and incidental safety.

The overflow is unreachable in current builds (text input is bounded by MaxAllocSize, which limits nparams below the doubling threshold), but the fix is small and matches the explicit overflow-checking idiom used elsewhere in the tree.

Patch attached against current master.

Regards,
Varik

[Attachment: 0001-contrib-xml2-guard-against-signed-integer-overflow-i.patch]
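
The growth pattern discussed in the message above, as an added stand-alone example; it is not the attached patch and not PostgreSQL source. It shows a doubling step that reports overflow explicitly instead of depending on a wrapped value being rejected by a later size check. The names `param_list`, `next_capacity`, `param_push`, `mul_s32_overflow` and `ALLOC_LIMIT` are hypothetical; `ALLOC_LIMIT` is assumed to have the same value as PostgreSQL's MaxAllocSize.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdlib.h>

#define ALLOC_LIMIT ((size_t) 0x3fffffff)   /* assumed allocation cap */

typedef enum { GROW_OK, GROW_TOO_MANY, GROW_TOO_LARGE } grow_status;
typedef struct { const char **items; int32_t n; int32_t cap; } param_list;

/* Returns true on overflow; *result is written only when the product fits. */
static bool mul_s32_overflow(int32_t a, int32_t b, int32_t *result)
{
    int64_t wide = (int64_t) a * b;     /* exact in 64 bits */
    if (wide > INT32_MAX || wide < INT32_MIN)
        return true;
    *result = (int32_t) wide;
    return false;
}

/* Doubles cur (must be > 0) and sizes an array of new_cap + 1 pointers. */
grow_status next_capacity(int32_t cur, int32_t *new_cap, size_t *nbytes)
{
    int32_t doubled;
    if (cur <= 0 || mul_s32_overflow(cur, 2, &doubled))
        return GROW_TOO_MANY;           /* explicit error, no wraparound */
    if ((size_t) doubled + 1 > ALLOC_LIMIT / sizeof(char *))
        return GROW_TOO_LARGE;          /* checked before multiplying */
    *new_cap = doubled;
    *nbytes = ((size_t) doubled + 1) * sizeof(char *);
    return GROW_OK;
}

/* Appends s and keeps the array NULL-terminated; state is unchanged on error. */
grow_status param_push(param_list *pl, const char *s)
{
    if (pl->n >= pl->cap)
    {
        int32_t cap;
        size_t nbytes;
        grow_status st = next_capacity(pl->cap > 0 ? pl->cap : 4, &cap, &nbytes);
        const char **p = (st == GROW_OK) ? realloc(pl->items, nbytes) : NULL;
        if (p == NULL)
            return st == GROW_OK ? GROW_TOO_LARGE : st;
        pl->items = p;
        pl->cap = cap;
    }
    pl->items[pl->n++] = s;
    pl->items[pl->n] = NULL;
    return GROW_OK;
}
```
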