[postgresql-interfaces/psqlodbc] issue #149: Unsigned Integer Underflow in convert_to_pgbinary()

postgresql-interfaces/psqlodbc GitHub issues and pull requests (mirror)  
help / color / mirror / Atom feed

From: 0xYashwanth (@0xYashwanth) <[email protected]>
To: postgresql-interfaces/psqlodbc <[email protected]>
Subject: [postgresql-interfaces/psqlodbc] issue #149: Unsigned Integer Underflow in convert_to_pgbinary()
Date: Mon, 22 Dec 2025 11:08:47 +0000
Message-ID: <[email protected]> (raw)

**Bug Report: Unsigned Integer Underflow in convert_to_pgbinary()**

**Summary:**
`convert_to_pgbinary()` in convert.c does not check for error return from `pg_bin2hex()`, causing unsigned integer underflow when buffer overlap is detected.

**Location:**
File: convert.c, Function: `convert_to_pgbinary()`, Line: ~6325

**Issue:**
```c
size_t o = 0;  // unsigned
// ... o becomes 3 after adding escape prefix
o += pg_bin2hex(in, out + o, len);  // Can return -1 on error
return o;  // Returns corrupted value
```

When `pg_bin2hex()` detects dangerous buffer overlap, it returns -1. This signed value is added to the unsigned `size_t` variable `o`, causing wraparound. The function then returns success with a corrupted length instead of propagating the error.

**Impact:**
- Error condition silently ignored
- Caller receives invalid data with incorrect length
- Potential buffer overruns if returned value is used for further operations
- Data corruption masked as success

**Fix:**
Check return value before adding to unsigned variable:
```c
SQLLEN hexlen = pg_bin2hex(in, out + o, len);
if (hexlen < 0)
    return hexlen;  // Propagate error
o += hexlen;
```

**Affected Code Path:**
PostgreSQL 9.0+ binary data conversion with hex format (`FLGB_HEX_BIN_FORMAT` flag set).

*Report refined using AI

reply

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Reply to all the recipients using the --to and --cc options:
  reply via email

  To: github://postgresql-interfaces/psqlodbc
  Cc: [email protected], [email protected]
  Subject: Re: [postgresql-interfaces/psqlodbc] issue #149: Unsigned Integer Underflow in convert_to_pgbinary()
  In-Reply-To: <<[email protected]>>

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox