public inbox for [email protected]help / color / mirror / Atom feed
Fix incorrect size check in statext_dependencies_deserialize 3+ messages / 2 participants [nested] [flat]
* Fix incorrect size check in statext_dependencies_deserialize @ 2026-05-19 14:29 Ilia Evdokimov <[email protected]> 0 siblings, 1 reply; 3+ messages in thread From: Ilia Evdokimov @ 2026-05-19 14:29 UTC (permalink / raw) To: PostgreSQL Hackers <[email protected]> Hi hackers, I noticed an issue in `statext_dependencies_deserialize()`. The sanity check uses `SizeOfItem` to validate the bytea size, but `SizeOfItem()` expects the number of attributes in a single dependency, not the number of dependencies. This means the check is computing the size of one dependency with ndeps attributes, which is incorrect. It should use `MinSizeOfItems` instead, which correctly computes the minimum expected size as the header plus `ndeps` minimally-sized dependency items. Notably, the similar function for ndistinct extended statistics `statext_ndistinct_deserialize()` already uses `MinSizeOfItems` correctly, which suggests this is a typo rather than an intentional choice. -- Best regards, Ilia Evdokimov, Tantor Labs LLC, https://tantorlabs.com/ Attachments: [text/x-patch] v1-0001-Fix-size-check-in-statext_dependencies_deserializ.patch (1.3K, 2-v1-0001-Fix-size-check-in-statext_dependencies_deserializ.patch) download | inline diff: From 5e760b9d63c12ef504a3fd3be75dd2511211165b Mon Sep 17 00:00:00 2001 From: Evdokimov Ilia <[email protected]> Date: Tue, 19 May 2026 17:17:01 +0300 Subject: [PATCH v1] Fix size check in statext_dependencies_deserialize() The sanity check was using SizeOfItem(dependencies->ndeps) to validate the bytea size, but SizeOfItem() expects the number of attributes in a single dependency, not the number of dependencies. Replace it with MinSizeOfItems(ndeps), which correctly computes the minimum expected size as the header plus ndeps minimally-sized dependency items. --- src/backend/statistics/dependencies.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/backend/statistics/dependencies.c b/src/backend/statistics/dependencies.c index e3a2f5817e0..95dcc218978 100644 --- a/src/backend/statistics/dependencies.c +++ b/src/backend/statistics/dependencies.c @@ -529,7 +529,7 @@ statext_dependencies_deserialize(bytea *data) elog(ERROR, "invalid zero-length item array in MVDependencies"); /* what minimum bytea size do we expect for those parameters */ - min_expected_size = SizeOfItem(dependencies->ndeps); + min_expected_size = MinSizeOfItems(dependencies->ndeps); if (VARSIZE_ANY_EXHDR(data) < min_expected_size) elog(ERROR, "invalid dependencies size %zu (expected at least %zu)", -- 2.34.1 ^ permalink raw reply [nested|flat] 3+ messages in thread
* Re: Fix incorrect size check in statext_dependencies_deserialize @ 2026-05-20 04:49 Michael Paquier <[email protected]> parent: Ilia Evdokimov <[email protected]> 0 siblings, 1 reply; 3+ messages in thread From: Michael Paquier @ 2026-05-20 04:49 UTC (permalink / raw) To: Ilia Evdokimov <[email protected]>; +Cc: PostgreSQL Hackers <[email protected]> On Tue, May 19, 2026 at 05:29:56PM +0300, Ilia Evdokimov wrote: > It should use `MinSizeOfItems` instead, which correctly computes the minimum > expected size as the header plus `ndeps` minimally-sized dependency items. > > Notably, the similar function for ndistinct extended statistics > `statext_ndistinct_deserialize()` already uses `MinSizeOfItems` correctly, > which suggests this is a typo rather than an intentional choice. Good catch, nice! This looks like a typo from d08c44f7a4ec to me, where MinSizeOfItems sticks to the definition we have for MVDependency in statistics.h. Will fix. -- Michael Attachments: [application/pgp-signature] signature.asc (833B, 2-signature.asc) download ^ permalink raw reply [nested|flat] 3+ messages in thread
* Re: Fix incorrect size check in statext_dependencies_deserialize @ 2026-05-25 05:45 Michael Paquier <[email protected]> parent: Michael Paquier <[email protected]> 0 siblings, 0 replies; 3+ messages in thread From: Michael Paquier @ 2026-05-25 05:45 UTC (permalink / raw) To: Ilia Evdokimov <[email protected]>; +Cc: PostgreSQL Hackers <[email protected]> On Wed, May 20, 2026 at 01:49:03PM +0900, Michael Paquier wrote: > Good catch, nice! This looks like a typo from d08c44f7a4ec to me, > where MinSizeOfItems sticks to the definition we have for MVDependency > in statistics.h. Done as of 0b8fa5fd37b1. -- Michael Attachments: [application/pgp-signature] signature.asc (833B, 2-signature.asc) download ^ permalink raw reply [nested|flat] 3+ messages in thread
end of thread, other threads:[~2026-05-25 05:45 UTC | newest] Thread overview: 3+ messages (download: mbox.gz follow: Atom feed) -- links below jump to the message on this page -- 2026-05-19 14:29 Fix incorrect size check in statext_dependencies_deserialize Ilia Evdokimov <[email protected]> 2026-05-20 04:49 ` Michael Paquier <[email protected]> 2026-05-25 05:45 ` Michael Paquier <[email protected]>
This inbox is served by agora; see mirroring instructions for how to clone and mirror all data and code used for this inbox