Received: from malur.postgresql.org ([217.196.149.56])
	by arkaria.postgresql.org with esmtps  (TLS1.3) tls
 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.96)
	(envelope-from <pgsql-hackers-owner+archive@lists.postgresql.org>)
	id 1wFyqF-005lSX-0C
	for pgsql-hackers@arkaria.postgresql.org;
	Thu, 23 Apr 2026 18:31:59 +0000
Received: from localhost ([127.0.0.1] helo=malur.postgresql.org)
	by malur.postgresql.org with esmtp (Exim 4.96)
	(envelope-from <pgsql-hackers-owner+archive@lists.postgresql.org>)
	id 1wFyqC-002nux-2x
	for pgsql-hackers@arkaria.postgresql.org;
	Thu, 23 Apr 2026 18:31:56 +0000
Received: from magus.postgresql.org ([2a02:c0:301:0:ffff::29])
	by malur.postgresql.org with esmtps  (TLS1.3) tls
 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.96)
	(envelope-from <jacob.champion@enterprisedb.com>)
	id 1wFyqC-002nua-1u
	for pgsql-hackers@lists.postgresql.org;
	Thu, 23 Apr 2026 18:31:56 +0000
Received: from mail-vs1-xe2d.google.com ([2607:f8b0:4864:20::e2d])
	by magus.postgresql.org with esmtps  (TLS1.3) tls
 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
	(Exim 4.98.2)
	(envelope-from <jacob.champion@enterprisedb.com>)
	id 1wFyq4-00000002hKh-2uTq
	for pgsql-hackers@postgresql.org;
	Thu, 23 Apr 2026 18:31:50 +0000
Received: by mail-vs1-xe2d.google.com with SMTP id
 ada2fe7eead31-60fbeeeaa7aso4018035137.0
        for <pgsql-hackers@postgresql.org>;
 Thu, 23 Apr 2026 11:31:47 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1776969106; cv=none;
        d=google.com; s=arc-20240605;
        b=LZ8d0mbta9c5MU2o44Qvu9USTWT4WbdlvAPC0YAuFFOKMS1tg9zgvRFpD83OdDBXnp
         HIK1YaVWtp2LRQjXlrEAlJuGHxs9WRxX/WG5mP53hVtZXNtTGXsGqkr44LJby9ZcwMz8
         E75KEYrLaMWJUu4UzDxmmdlfPAKZVcN6kil5D6xW812n0ajacNderIEU17Y7rNKgJqJ6
         u7NFb85UpIGx0wyPUThZKLFd3TOp2gC7cPmveaUJMG9xEql+5LZAovld6rq2c6dslW0L
         /ClfegC2teAeXa9mHFDJtU7oDzUq6jag88/CLDUzsRhDpZCzJGQym4vi/YPQ0zJS0aGy
         RdLQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20240605;
        h=cc:to:subject:message-id:date:from:in-reply-to:references
         :mime-version:dkim-signature;
        bh=d075gRCz8FZWHIZ5QhpD/Viv14muaTfyBtdYBExZDH4=;
        fh=WrGHwlaAS401hpGHmqmG+jzlg66aP2sW1fyq9x+j52k=;
        b=K5ycTOVNJY3/vi2SzaxPcYOB1jixp3aAimzXrXJf50Vwe/8rvYcyg1hpCsM0F4uKwG
         oUgZ5xp4TVrew2WxpOlbKLVlG2UF4rRvrtH+XETw9hd+RBIGAQpoYm8kT/JoxOq36ghK
         Axd0lcMh55YIp08R75duCRsLwsBYw9vRHmQiJ0n6oweRGGfWuFPEo0c0o9AD5YaxyIyK
         m695I2Y4mf1m3gjcaT/E1FKfvlk3kER7uF2tkfLfrovm/mrSB1uRGkxNTMf7LbgcTS7I
         xdXxY3pkC869Z/j+TuFiC+2FLSnzJz8JQAvfk0wNQBuH2Z4Rqine8BWaA0QuNklHxLLM
         pBBg==;
        darn=postgresql.org
ARC-Authentication-Results: i=1; mx.google.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=enterprisedb.com; s=google; t=1776969106; x=1777573906;
 darn=postgresql.org;
        h=cc:to:subject:message-id:date:from:in-reply-to:references
         :mime-version:from:to:cc:subject:date:message-id:reply-to;
        bh=d075gRCz8FZWHIZ5QhpD/Viv14muaTfyBtdYBExZDH4=;
        b=fjQZrD2+TevBf29DfZRvSgbVaLtTOt0QdQ+C+Icg8CWgeu6gqK4bbJ/7mgM4GK7SXi
         EetqcZOlwVka0IHhTCF+0j5bkQZqF9LhyQjb1v36zgN3lOsQxRNb77KGBseAfNoG+jiH
         vRE34pIPxej0mn7xk5ykezToafa+c2raAi7IMmPsHxIw+9MP19eqV02fgFL/6sRmQDkK
         eUl2yPLue9dpC+v5TjcKt7ntHF4kjcGagIUVsnVRGm633d00+rNXnzfAIJYGdYwp+mS2
         rYS+OChtEKyVmPWXxpXdDPgci1HFn/RCH+hE5LFnoB8PadoVicsFSkD8VoUHuGkZ6o9o
         EdRg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20251104; t=1776969106; x=1777573906;
        h=cc:to:subject:message-id:date:from:in-reply-to:references
         :mime-version:x-gm-gg:x-gm-message-state:from:to:cc:subject:date
         :message-id:reply-to;
        bh=d075gRCz8FZWHIZ5QhpD/Viv14muaTfyBtdYBExZDH4=;
        b=E23MYv9gvsqd3aVXobT93yUF5Hz+LGjHchhV9QM7W7kmz/G+iT/O4z0L9zh2N+acOf
         eV6uCPJQSSDIBzZMrNXeyQ/dozKlBoKGfxKvD9BoFoJ5nuR6xCpjg+eh2MV2tIDfg4sG
         PylIg8+8XWfBTwNrTMLKCLWAGCz2K1/yMSPVFYwWg2AVAnVrOA76BBELaMmo83iGbKtE
         OaL5ZLONdmKZPctt22SA9rgYUEDEqxJp8PutdvQJVv/z49W5ztL4SNlf9tgIYWH3A4Xf
         skH7LIDY5+gj4Hl7+EglkdCtIdtNPYQK//F95TCGgifTdV7LGE/lYgM1kFukK6tWW74S
         DhRA==
X-Forwarded-Encrypted: i=1;
 AFNElJ8cGtsxWpJteBKR+6fKe2KhqwUB/52WrB6PfcJi9aqBLI1bIGgc1wsUGV7zUMwaaviZYKVRwEaQzNhX12wb@postgresql.org
X-Gm-Message-State: AOJu0YzjlTGA4ojk1hSYAAVlVw2wyaeA6lta1yyij+TpvtmMQJsR8aKM
	KYu5ZV+YkDAoEomuhRRcMNJap9ZXvy34E2z+p24Tb080V5aVb/UvFZsEMx8DFkNiKqUjn+Q79we
	FqdyGQG53HO2Jhnhxjh5jbtEvwQLTeDqvV6YVaZVyBQyM+NxzPZJQkw==
X-Gm-Gg: AeBDiesFdq0SRr1tFSKXmawdlH1shFJLR+d70f0c4TOdmsWqXLzMdbuwZIc8G1rnPaW
	/sK6gGrTawqM1D+txP8SzbQfsIwAMoFJZurIoenbh6zQERsn8+pKS5RjKYloEH0SI/4gAWGBDcw
	rhUy1Q2t7A0REo0FBS3lFSvk9sqzlR3dH7NSVWMUhB1QbACvsxUgmtXdhVTROf7uxHSkjHAdqLx
	iaHAg4B0rlE87ZyUVLhjWzZbNk1L+mKYAEKh3LDSg5Bsf2/dk+ZTee90ybzQGXS4Vi4lzLWlQ3t
	ByLMxcwkYAI8gMvjFYne
X-Received: by 2002:a05:6102:80aa:b0:604:f155:9374 with SMTP id
 ada2fe7eead31-616f67c7f28mr16022217137.15.1776969106004; Thu, 23 Apr 2026
 11:31:46 -0700 (PDT)
MIME-Version: 1.0
References: <qtclihmrkq67ach3xjxyi4qcksstin5qxwsnkqefkmotxwh4g6@ae2bj6jvcmry>
 <B2FCB6A7-10C4-416D-BA22-240E9FCDCE18@yesql.se>
 <CAOYmi+n4U_g+k1Bfs2eavJdps0qQj3HFDa5i3V1c0m3CLYUWhA@mail.gmail.com>
 <BA41032F-217B-4BDE-9F16-4D237B63DA33@yesql.se>
In-Reply-To: <BA41032F-217B-4BDE-9F16-4D237B63DA33@yesql.se>
From: Jacob Champion <jacob.champion@enterprisedb.com>
Date: Thu, 23 Apr 2026 11:31:34 -0700
X-Gm-Features: AQROBzANASYUVErfEmNC5HTxsohNenZwqG1m9mLuBiYCR5CdJsRJgs3mg2m4guU
Message-ID: 
 <CAOYmi+k6K6VKTZLPtQLHnoSSMRZfH_=x6bHRUC3zf1F9kjyb1Q@mail.gmail.com>
Subject: Re: oauth integer overflow
To: Daniel Gustafsson <daniel@yesql.se>
Cc: Andres Freund <andres@anarazel.de>,
 PostgreSQL Hackers <pgsql-hackers@postgresql.org>
Content-Type: multipart/mixed; boundary="00000000000057ed6a065024dc39"
List-Id: <pgsql-hackers.lists.postgresql.org>
List-Help: <https://lists.postgresql.org/manage/>
List-Subscribe: <https://lists.postgresql.org/manage/>
List-Post: <mailto:pgsql-hackers@lists.postgresql.org>
List-Owner: <mailto:pgsql-hackers-owner@lists.postgresql.org>
List-Archive: <https://www.postgresql.org/list/pgsql-hackers>
Archived-At: 
 <https://www.postgresql.org/message-id/CAOYmi%2Bk6K6VKTZLPtQLHnoSSMRZfH_%3Dx6bHRUC3zf1F9kjyb1Q%40mail.gmail.com>
Precedence: bulk

--00000000000057ed6a065024dc39
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

On Thu, Apr 23, 2026 at 11:17=E2=80=AFAM Daniel Gustafsson <daniel@yesql.se=
> wrote:
> > Cool. I have one written up and can share it for comparison, if you'd
> > like, but it's fairly verbose and I wonder if there's a better way to
> > do it.
>
> Well, if you're already done then please do share it, and we'll use that =
as a
> starting point.

Attached. The static_assert for the millisecond calculation is the
only part I don't really like, but doing an overflow check on a
calculation that can't overflow int64 is even more verbose/wasteful.

--Jacob

--00000000000057ed6a065024dc39
Content-Type: application/octet-stream;
	name="0001-libpq-oauth-Avoid-overflow-for-very-large-intervals.patch"
Content-Disposition: attachment;
	filename="0001-libpq-oauth-Avoid-overflow-for-very-large-intervals.patch"
Content-Transfer-Encoding: base64
Content-ID: <f_mobtcyc70>
X-Attachment-Id: f_mobtcyc70

RnJvbSAyN2RlMzlmNjY3YWIxMmI3ODc3ODE0MmZlNjBlNjM3NmY0ZDQ5ZWMzIE1vbiBTZXAgMTcg
MDA6MDA6MDAgMjAwMQpGcm9tOiBKYWNvYiBDaGFtcGlvbiA8amFjb2IuY2hhbXBpb25AZW50ZXJw
cmlzZWRiLmNvbT4KRGF0ZTogVGh1LCAyMyBBcHIgMjAyNiAwOTo0Njo0MiAtMDcwMApTdWJqZWN0
OiBbUEFUQ0hdIGxpYnBxLW9hdXRoOiBBdm9pZCBvdmVyZmxvdyBmb3IgdmVyeSBsYXJnZSBpbnRl
cnZhbHMKCi0tLQogc3JjL2ludGVyZmFjZXMvbGlicHEtb2F1dGgvb2F1dGgtY3VybC5jIHwgMzgg
KysrKysrKysrKysrKysrKysrLS0tLS0tLQogMSBmaWxlIGNoYW5nZWQsIDI4IGluc2VydGlvbnMo
KyksIDEwIGRlbGV0aW9ucygtKQoKZGlmZiAtLWdpdCBhL3NyYy9pbnRlcmZhY2VzL2xpYnBxLW9h
dXRoL29hdXRoLWN1cmwuYyBiL3NyYy9pbnRlcmZhY2VzL2xpYnBxLW9hdXRoL29hdXRoLWN1cmwu
YwppbmRleCBhYmJlZjkzZjk1Zi4uNzBjYzQ3MTBiNTkgMTAwNjQ0Ci0tLSBhL3NyYy9pbnRlcmZh
Y2VzL2xpYnBxLW9hdXRoL29hdXRoLWN1cmwuYworKysgYi9zcmMvaW50ZXJmYWNlcy9saWJwcS1v
YXV0aC9vYXV0aC1jdXJsLmMKQEAgLTI4LDYgKzI4LDcgQEAKICNlcnJvciBsaWJwcS1vYXV0aCBp
cyBub3Qgc3VwcG9ydGVkIG9uIHRoaXMgcGxhdGZvcm0KICNlbmRpZgogCisjaW5jbHVkZSAiY29t
bW9uL2ludC5oIgogI2luY2x1ZGUgImNvbW1vbi9qc29uYXBpLmgiCiAjaW5jbHVkZSAibWIvcGdf
d2NoYXIuaCIKICNpbmNsdWRlICJvYXV0aC1jdXJsLmgiCkBAIC0xMzYsNyArMTM3LDcgQEAgc3Ry
dWN0IGRldmljZV9hdXRoegogCiAJLyogRmllbGRzIGJlbG93IGFyZSBwYXJzZWQgZnJvbSB0aGUg
Y29ycmVzcG9uZGluZyBzdHJpbmcgYWJvdmUuICovCiAJaW50CQkJZXhwaXJlc19pbjsKLQlpbnQJ
CQlpbnRlcnZhbDsKKwlpbnQzMgkJaW50ZXJ2YWw7CiB9OwogCiBzdGF0aWMgdm9pZApAQCAtMTAy
MCw3ICsxMDIxLDcgQEAgcGFyc2VfanNvbl9udW1iZXIoY29uc3QgY2hhciAqcykKICAqIGV4cGVu
c2l2ZSBuZXR3b3JrIHBvbGxpbmcgbG9vcC4pIFRlc3RzIG1heSByZW1vdmUgdGhlIGxvd2VyIGJv
dW5kIHdpdGgKICAqIFBHT0FVVEhERUJVRywgZm9yIGltcHJvdmVkIHBlcmZvcm1hbmNlLgogICov
Ci1zdGF0aWMgaW50CitzdGF0aWMgaW50MzIKIHBhcnNlX2ludGVydmFsKHN0cnVjdCBhc3luY19j
dHggKmFjdHgsIGNvbnN0IGNoYXIgKmludGVydmFsX3N0cikKIHsKIAlkb3VibGUJCXBhcnNlZDsK
QEAgLTEwMzEsOCArMTAzMiw4IEBAIHBhcnNlX2ludGVydmFsKHN0cnVjdCBhc3luY19jdHggKmFj
dHgsIGNvbnN0IGNoYXIgKmludGVydmFsX3N0cikKIAlpZiAocGFyc2VkIDwgMSkKIAkJcmV0dXJu
IChhY3R4LT5kZWJ1Z19mbGFncyAmIE9BVVRIREVCVUdfVU5TQUZFX0RPU19FTkRQT0lOVCkgPyAw
IDogMTsKIAotCWVsc2UgaWYgKHBhcnNlZCA+PSBJTlRfTUFYKQotCQlyZXR1cm4gSU5UX01BWDsK
KwllbHNlIGlmIChwYXJzZWQgPj0gSU5UMzJfTUFYKQorCQlyZXR1cm4gSU5UMzJfTUFYOwogCiAJ
cmV0dXJuIHBhcnNlZDsKIH0KQEAgLTI2MjAsMTAgKzI2MjEsNyBAQCBoYW5kbGVfdG9rZW5fcmVz
cG9uc2Uoc3RydWN0IGFzeW5jX2N0eCAqYWN0eCwgY2hhciAqKnRva2VuKQogCSAqLwogCWlmIChz
dHJjbXAoZXJyLT5lcnJvciwgInNsb3dfZG93biIpID09IDApCiAJewotCQlpbnQJCQlwcmV2X2lu
dGVydmFsID0gYWN0eC0+YXV0aHouaW50ZXJ2YWw7Ci0KLQkJYWN0eC0+YXV0aHouaW50ZXJ2YWwg
Kz0gNTsKLQkJaWYgKGFjdHgtPmF1dGh6LmludGVydmFsIDwgcHJldl9pbnRlcnZhbCkKKwkJaWYg
KHBnX2FkZF9zMzJfb3ZlcmZsb3coYWN0eC0+YXV0aHouaW50ZXJ2YWwsIDUsICZhY3R4LT5hdXRo
ei5pbnRlcnZhbCkpCiAJCXsKIAkJCWFjdHhfZXJyb3IoYWN0eCwgInNsb3dfZG93biBpbnRlcnZh
bCBvdmVyZmxvdyIpOwogCQkJZ290byB0b2tlbl9jbGVhbnVwOwpAQCAtMjk0OSw4ICsyOTQ3LDI4
IEBAIHBnX2ZlX3J1bl9vYXV0aF9mbG93X2ltcGwoUEdjb25uICpjb25uLCBQR29hdXRoQmVhcmVy
UmVxdWVzdFYyICpyZXF1ZXN0LAogCQkJCSAqIFdhaXQgZm9yIHRoZSByZXF1aXJlZCBpbnRlcnZh
bCBiZWZvcmUgaXNzdWluZyB0aGUgbmV4dAogCQkJCSAqIHJlcXVlc3QuCiAJCQkJICovCi0JCQkJ
aWYgKCFzZXRfdGltZXIoYWN0eCwgYWN0eC0+YXV0aHouaW50ZXJ2YWwgKiAxMDAwKSkKLQkJCQkJ
Z290byBlcnJvcl9yZXR1cm47CisJCQkJeworCQkJCQkvKgorCQkJCQkgKiBMT05HX01BWCBtaWxs
aXNlY29uZHMgaXMgMjQgZGF5cyBvbiAzMi1iaXQgcGxhdGZvcm1zLAorCQkJCQkgKiB3aGljaCBm
b3IgbW9zdCBwZW9wbGUgaXMgZ29pbmcgdG8gYmUgZXF1aXZhbGVudCB0byBhCisJCQkJCSAqIGRp
c2FibGVkIHRpbWVyLi4uIGJ1dCBhdm9pZCBvdmVyZmxvdyBpbiBjYXNlIHRoZQorCQkJCQkgKiBj
b21waWxlciBkb2VzIHNvbWV0aGluZyB1bmludHVpdGl2ZS4KKwkJCQkJICovCisJCQkJCWludDY0
CQlpbnRlcnZhbF9tczsKKworCQkJCQkvKgorCQkJCQkgKiBJZiB5b3UgdHJpcCBvdmVyIHRoaXMs
IHRoZSBtdWx0aXBsaWNhdGlvbiBoZXJlIG5lZWRzIHRvCisJCQkJCSAqIGJlIGFkanVzdGVkIGZv
ciBvdmVyZmxvdyB0b28uCisJCQkJCSAqLworCQkJCQlzdGF0aWNfYXNzZXJ0KHNpemVvZihhY3R4
LT5hdXRoei5pbnRlcnZhbCkgPD0gNCk7CisKKwkJCQkJaW50ZXJ2YWxfbXMgPSBhY3R4LT5hdXRo
ei5pbnRlcnZhbCAqICgoaW50NjQpIDEwMDApOworCQkJCQlpZiAoaW50ZXJ2YWxfbXMgPiBMT05H
X01BWCkKKwkJCQkJCWludGVydmFsX21zID0gTE9OR19NQVg7CisKKwkJCQkJaWYgKCFzZXRfdGlt
ZXIoYWN0eCwgKGxvbmcpIGludGVydmFsX21zKSkKKwkJCQkJCWdvdG8gZXJyb3JfcmV0dXJuOwor
CQkJCX0KIAogCQkJCS8qCiAJCQkJICogTm8gQ3VybCByZXF1ZXN0cyBhcmUgcnVubmluZywgc28g
d2UgY2FuIHNpbXBsaWZ5IGJ5IGhhdmluZwotLSAKMi4zNC4xCgo=
--00000000000057ed6a065024dc39--