Re: oauth integer overflow - Daniel Gustafsson

public inbox for [email protected]  
help / color / mirror / Atom feed

From: Daniel Gustafsson <[email protected]>
To: Jacob Champion <[email protected]>
Cc: Andres Freund <[email protected]>
Cc: PostgreSQL Hackers <[email protected]>
Subject: Re: oauth integer overflow
Date: Fri, 5 Jun 2026 21:25:27 +0200
Message-ID: <[email protected]> (raw)
In-Reply-To: <CAOYmi+kKqSrU5c8D60rgSj6ybiNwsZkxgTJhef+w0-mRpw=m0A@mail.gmail.com>
References: <qtclihmrkq67ach3xjxyi4qcksstin5qxwsnkqefkmotxwh4g6@ae2bj6jvcmry>
	<[email protected]>
	<CAOYmi+n4U_g+k1Bfs2eavJdps0qQj3HFDa5i3V1c0m3CLYUWhA@mail.gmail.com>
	<[email protected]>
	<CAOYmi+k6K6VKTZLPtQLHnoSSMRZfH_=x6bHRUC3zf1F9kjyb1Q@mail.gmail.com>
	<fcaddr2zt4q7ee5mm7vctb723pcgfjpyo2hnhjhgae2nysobjf@epjk3wl4i2ck>
	<CAOYmi+mGZ5H+k_Y-ascgK7X9snAGdBUOuc=FZRxu6gnB_mjFFQ@mail.gmail.com>
	<[email protected]>
	<CAOYmi+kKqSrU5c8D60rgSj6ybiNwsZkxgTJhef+w0-mRpw=m0A@mail.gmail.com>

> On 5 Jun 2026, at 21:06, Jacob Champion <[email protected]> wrote:
> 
> On Thu, Apr 23, 2026 at 11:31 AM Jacob Champion
> <[email protected]> wrote:
>> Attached. The static_assert for the millisecond calculation is the
>> only part I don't really like, but doing an overflow check on a
>> calculation that can't overflow int64 is even more verbose/wasteful.
> 
> I was preparing to commit this for beta1 last week, and I realized
> that I've changed my tune. With all the recent backports of overflow
> checks, I think I need to be reaching for them by default, especially
> in a non-performance-critical path.
> 
> v2 rewrites that part with a checked multiplication, which removes any
> need for a static_assert complication.

I agree with this approach, +1 on this version.

> On Tue, Apr 28, 2026 at 4:18 AM Daniel Gustafsson <[email protected]> wrote:
>> When teading "disabled timer" I interpret that as a timer which is 0 and has no
>> interval (which might be due to not being a native speaker), but what it
>> actually describes is an interval which (in practice) never ends.  Perhaps it
>> could be phrased more like "for most people is going to be equivalent to a
>> never ending interval".
> 
> This has been completely rewritten now; see what you think.

LGTM.

--
Daniel Gustafsson

view thread (10+ messages)

reply

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Reply to all the recipients using the --to and --cc options:
  reply via email

  To: [email protected]
  Cc: [email protected], [email protected], [email protected]
  Subject: Re: oauth integer overflow
  In-Reply-To: <[email protected]>

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox