Received: from malur.postgresql.org ([217.196.149.56]) by arkaria.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1wFwfa-005jSK-2R for pgsql-hackers@arkaria.postgresql.org; Thu, 23 Apr 2026 16:12:51 +0000 Received: from localhost ([127.0.0.1] helo=malur.postgresql.org) by malur.postgresql.org with esmtp (Exim 4.96) (envelope-from ) id 1wFwfX-002RAh-12 for pgsql-hackers@arkaria.postgresql.org; Thu, 23 Apr 2026 16:12:47 +0000 Received: from magus.postgresql.org ([2a02:c0:301:0:ffff::29]) by malur.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1wFwfW-002RAZ-0r for pgsql-hackers@lists.postgresql.org; Thu, 23 Apr 2026 16:12:47 +0000 Received: from fhigh-a1-smtp.messagingengine.com ([103.168.172.152]) by magus.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.98.2) (envelope-from ) id 1wFwfR-00000002g0u-0nGg for pgsql-hackers@postgresql.org; Thu, 23 Apr 2026 16:12:45 +0000 Received: from phl-compute-05.internal (phl-compute-05.internal [10.202.2.45]) by mailfhigh.phl.internal (Postfix) with ESMTP id 3F856140004C; Thu, 23 Apr 2026 12:12:39 -0400 (EDT) Received: from phl-frontend-04 ([10.202.2.163]) by phl-compute-05.internal (MEProxy); Thu, 23 Apr 2026 12:12:39 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=anarazel.de; h= cc:content-type:content-type:date:date:from:from:in-reply-to :message-id:mime-version:reply-to:subject:subject:to:to; s=fm2; t=1776960759; x=1777047159; bh=iF1amiK8WQyqJlZcX9+c02yM+Y8fSWFt npHc6ZEBcBw=; b=VPH0BxOVZtKhwEvT6MmLUUTs+HSoMn8RTK5lXv+qb1EsnAZk azkWX9NZpBtJpnZ1DLKyOlUrBvMeNDY7PJK3ha2HM7ZdrU8Ym8fhVx28sHbL/l+Z WAU4Wa+V1qBMX/DAkA+pjbc+G1FNA07xOYZwpcx9iv8nIjnylxyM68TRwsPIsgdy H2HkQXd1EfMuhtEznk1phLej0xvZiVfgFNFKzWBKnfvxrNaV7Qtpn1U6pY2sQjjv +KBtwfd2x8d5WYWWS1tso7G4wK/mtVaCf4iW0P0H82yqxubJZ5DZuMBRcjvLPxsC WAJJgoMgBVMAJ+hqA1nktmLTRUj29tUQ5ZfXKQ== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:content-type:date:date :feedback-id:feedback-id:from:from:in-reply-to:message-id :mime-version:reply-to:subject:subject:to:to:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm2; t=1776960759; x= 1777047159; bh=iF1amiK8WQyqJlZcX9+c02yM+Y8fSWFtnpHc6ZEBcBw=; b=L 1gDVU3gTzWN8Q/9HYdpHk0pNqAaeE/23lw+NRL3XCl+E/dkKY82tP216DqJpaAfm 717Gdll/BrzEJ87p9jm1+YkjBzgCD5biLfxNRZFDQRqIGphpsjTvYpUhFZvF2eCH 5V6/+VJ+T6yxW35HJx7YjSlqpO9ErLuF6EpbiDi765PZQ+cpY6olEz1fjAWMYzBA UhHOdgVlIFenImD+iJ1cA2kYWFp1EGXEqcWfd7su0FEnKmdKIOwZ++KF0+qPs+C+ hV5zrYzfx+FWqb0CQ+J6m0Y2J+fi4j/G2+YOS5TdIU+hHXOvRdXs6yrXn7cQsLgy RpQtRRDvrVBayTKUDOSsQ== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeefhedrtddtgdeijeeitdcutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpuffrtefokffrpgfnqfghnecuuegr ihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmdenucfjug hrpeffhffvuffkgggtugesthdtsfdttddtvdenucfhrhhomheptehnughrvghsucfhrhgv uhhnugcuoegrnhgurhgvshesrghnrghrrgiivghlrdguvgeqnecuggftrfgrthhtvghrnh ephedtffeihfefudelffduffekfeelleeffeejueeiiedtvedutdffjedukeetieejnecu vehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghilhhfrhhomheprghnughrvg hssegrnhgrrhgriigvlhdruggvpdhnsggprhgtphhtthhopeefpdhmohguvgepshhmthhp ohhuthdprhgtphhtthhopegthhgrmhhpihhonhdrphesghhmrghilhdrtghomhdprhgtph htthhopehpghhsqhhlqdhhrggtkhgvrhhssehpohhsthhgrhgvshhqlhdrohhrghdprhgt phhtthhopegurghnihgvlheshigvshhqlhdrshgv X-ME-Proxy: Feedback-ID: id4a34324:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Thu, 23 Apr 2026 12:12:38 -0400 (EDT) Date: Thu, 23 Apr 2026 12:12:37 -0400 From: Andres Freund To: pgsql-hackers@postgresql.org, Jacob Champion , Daniel Gustafsson Subject: oauth integer overflow Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline List-Id: List-Help: List-Subscribe: List-Post: List-Owner: List-Archive: Archived-At: Precedence: bulk Hi, I was once more looking at what it'd take to work with -ftrapv, when cassert is enabled. Partially motivated with the worry that we support compilers that don't understand -fwrapv so code relying on signed overflow isn't actually safe. And because it sometimes leads to unexpected results that can cause trouble and -ftrapv helps find those. One thing that quickly triggers when doing so is: #0 __pthread_kill_implementation (threadid=, signo=signo@entry=6, no_tid=no_tid@entry=0) at ./nptl/pthread_kill.c:44 #1 0x00007fe1a05a9dbf in __pthread_kill_internal (threadid=, signo=6) at ./nptl/pthread_kill.c:89 #2 0x00007fe1a0552d02 in __GI_raise (sig=sig@entry=6) at ../sysdeps/posix/raise.c:26 #3 0x00007fe1a053a4b2 in __GI_abort () at ./stdlib/abort.c:77 #4 0x00007fe19f218ac1 in __addvsi3 () from /srv/dev/build/postgres/m-dev-assert/tmp_install//srv/dev/install/postgres/m-dev-assert/lib/x86_64-linux-gnu/libpq-oauth.so #5 0x00007fe19f20da05 in handle_token_response (actx=0x561825a06350, token=0x7ffc2f677e48) at ../../../../../home/andres/src/postgresql/src/interfaces/libpq-oauth/oauth-curl.c:2625 #6 0x00007fe19f20dec5 in pg_fe_run_oauth_flow_impl (conn=0x561825998490, request=0x561825a06e30, altsock=0x561825998860) at ../../../../../home/andres/src/postgresql/src/interfaces/libpq-oauth/oauth-curl.c:2924 #7 0x00007fe19f20e0a8 in pg_fe_run_oauth_flow (conn=0x561825998490, request=0x561825a06e30, altsock=0x561825998860) at ../../../../../home/andres/src/postgresql/src/interfaces/libpq-oauth/oauth-curl.c:3027 #8 0x00007fe1a0a35627 in do_async (state=0x5618259a1880, request=0x561825a06e30) at ../../../../../home/andres/src/postgresql/src/interfaces/libpq/fe-auth-oauth.c:1528 #9 0x00007fe1a0a346e3 in run_oauth_flow (conn=0x561825998490) at ../../../../../home/andres/src/postgresql/src/interfaces/libpq/fe-auth-oauth.c:751 #10 0x00007fe1a0a3ffc1 in PQconnectPoll (conn=0x561825998490) at ../../../../../home/andres/src/postgresql/src/interfaces/libpq/fe-connect.c:4302 #11 0x00007fe1a0a3db6c in pqConnectDBComplete (conn=0x561825998490) at ../../../../../home/andres/src/postgresql/src/interfaces/libpq/fe-connect.c:2893 #12 0x00007fe1a0a3a1f7 in PQconnectdbParams (keywords=0x5618259983f0, values=0x561825998440, expand_dbname=1) /* * A slow_down error requires us to permanently increase our retry * interval by five seconds. */ if (strcmp(err->error, "slow_down") == 0) { int prev_interval = actx->authz.interval; actx->authz.interval += 5; if (actx->authz.interval < prev_interval) { actx_error(actx, "slow_down interval overflow"); goto token_cleanup; } } I don't think it's safe to rely on that type of check working without -fwrapv support, which in turn we can't rely on having. I think this should use pg_add_s32_overflow(). Greetings, Andres Freund