Fix range check in ECPG numeric to int conversion

j-naylor · j-naylor · commit c7181a32c57d · 2021-07-30T16:12:17.000-04:00
The previous coding guarded against -INT_MAX instead of INT_MIN, leading to -2147483648 being rejected as out of range. Per bug #17128 from Kevin Sweet Discussion: https://www.postgresql.org/message-id/flat/17128-55a8a879727a3e3a%40postgresql.org Reviewed-by: Tom Lane Backpatch to all supported branches
diff --git a/doc/src/sgml/ecpg.sgml b/doc/src/sgml/ecpg.sgml
@@ -8618,7 +8618,7 @@ int dectoint(decimal *np, int *ip);
         Note that the ECPG implementation differs from the <productname>Informix</productname>
         implementation. <productname>Informix</productname> limits an integer to the range from -32767 to
         32767, while the limits in the ECPG implementation depend on the
-        architecture (<literal>-INT_MAX .. INT_MAX</literal>).
+        architecture (<literal>INT_MIN .. INT_MAX</literal>).
        </para>
       </listitem>
      </varlistentry>
diff --git a/src/interfaces/ecpg/pgtypeslib/numeric.c b/src/interfaces/ecpg/pgtypeslib/numeric.c
@@ -1586,12 +1586,17 @@ PGTYPESnumeric_to_int(numeric *nv, int *ip)
 	if ((i = PGTYPESnumeric_to_long(nv, &l)) != 0)
 		return i;
 
-	if (l < -INT_MAX || l > INT_MAX)
+/* silence compilers that might complain about useless tests */
+#if SIZEOF_LONG > SIZEOF_INT
+
+	if (l < INT_MIN || l > INT_MAX)
 	{
 		errno = PGTYPES_NUM_OVERFLOW;
 		return -1;
 	}
 
+#endif
+
 	*ip = (int) l;
 	return 0;
 }
diff --git a/src/interfaces/ecpg/test/expected/pgtypeslib-num_test.c b/src/interfaces/ecpg/test/expected/pgtypeslib-num_test.c
@@ -47,7 +47,7 @@ main(void)
 
 	double d;
 	long l1, l2;
-	int i;
+	int i, min, max;
 
 	ECPGdebug(1, stderr);
 	/* exec sql whenever sqlerror  do sqlprint ( ) ; */
@@ -144,17 +144,28 @@ if (sqlca.sqlcode < 0) sqlprint ( );}
 	PGTYPESnumeric_free(value2);
 	PGTYPESnumeric_free(res);
 
+	/* check conversion of numeric to int */
+	value1 = PGTYPESnumeric_from_asc("-2147483648", NULL);
+	PGTYPESnumeric_to_int(value1, &min);
+	printf("min int = %d\n", min);
+	PGTYPESnumeric_free(value1);
+
+	value2 = PGTYPESnumeric_from_asc("2147483647", NULL);
+	PGTYPESnumeric_to_int(value2, &max);
+	printf("max int = %d\n", max);
+	PGTYPESnumeric_free(value2);
+
 	{ ECPGtrans(__LINE__, NULL, "rollback");
-#line 93 "num_test.pgc"
+#line 104 "num_test.pgc"
 
 if (sqlca.sqlcode < 0) sqlprint ( );}
-#line 93 "num_test.pgc"
+#line 104 "num_test.pgc"
 
 	{ ECPGdisconnect(__LINE__, "CURRENT");
-#line 94 "num_test.pgc"
+#line 105 "num_test.pgc"
 
 if (sqlca.sqlcode < 0) sqlprint ( );}
-#line 94 "num_test.pgc"
+#line 105 "num_test.pgc"
 
 
 	return 0;
diff --git a/src/interfaces/ecpg/test/expected/pgtypeslib-num_test.stderr b/src/interfaces/ecpg/test/expected/pgtypeslib-num_test.stderr
@@ -26,7 +26,7 @@
 [NO_PID]: sqlca: code: 0, state: 00000
 [NO_PID]: ecpg_get_data on line 66: RESULT: 2369.7000000 offset: -1; array: no
 [NO_PID]: sqlca: code: 0, state: 00000
-[NO_PID]: ECPGtrans on line 93: action "rollback"; connection "ecpg1_regression"
+[NO_PID]: ECPGtrans on line 104: action "rollback"; connection "ecpg1_regression"
 [NO_PID]: sqlca: code: 0, state: 00000
 [NO_PID]: ecpg_finish: connection ecpg1_regression closed
 [NO_PID]: sqlca: code: 0, state: 00000
diff --git a/src/interfaces/ecpg/test/expected/pgtypeslib-num_test.stdout b/src/interfaces/ecpg/test/expected/pgtypeslib-num_test.stdout
@@ -4,3 +4,5 @@ sub = 2369.7
 mul = 13306998429.873000000
 div = 1330699.84298730000 1.330700e+06
 to long(0) = 20000000 14
+min int = -2147483648
+max int = 2147483647
diff --git a/src/interfaces/ecpg/test/pgtypeslib/num_test.pgc b/src/interfaces/ecpg/test/pgtypeslib/num_test.pgc
@@ -24,7 +24,7 @@ main(void)
 	exec sql end declare section;
 	double d;
 	long l1, l2;
-	int i;
+	int i, min, max;
 
 	ECPGdebug(1, stderr);
 	exec sql whenever sqlerror do sqlprint();
@@ -90,6 +90,17 @@ main(void)
 	PGTYPESnumeric_free(value2);
 	PGTYPESnumeric_free(res);
 
+	/* check conversion of numeric to int */
+	value1 = PGTYPESnumeric_from_asc("-2147483648", NULL);
+	PGTYPESnumeric_to_int(value1, &min);
+	printf("min int = %d\n", min);
+	PGTYPESnumeric_free(value1);
+
+	value2 = PGTYPESnumeric_from_asc("2147483647", NULL);
+	PGTYPESnumeric_to_int(value2, &max);
+	printf("max int = %d\n", max);
+	PGTYPESnumeric_free(value2);
+
 	exec sql rollback;
 	exec sql disconnect;
 

Original file line number	Diff line number	Diff line change
`@@ -1586,12 +1586,17 @@ PGTYPESnumeric_to_int(numeric nv, int ip)`
`1586`	`1586`	`if ((i = PGTYPESnumeric_to_long(nv, &l)) != 0)`
`1587`	`1587`	`return i;`
`1588`	`1588`
`1589`		`- if (l < -INT_MAX \|\| l > INT_MAX)`
	`1589`	`+/* silence compilers that might complain about useless tests */`
	`1590`	`+#if SIZEOF_LONG > SIZEOF_INT`
	`1591`	`+`
	`1592`	`+ if (l < INT_MIN \|\| l > INT_MAX)`
`1590`	`1593`	`{`
`1591`	`1594`	`errno = PGTYPES_NUM_OVERFLOW;`
`1592`	`1595`	`return -1;`
`1593`	`1596`	`}`
`1594`	`1597`
	`1598`	`+#endif`
	`1599`	`+`
`1595`	`1600`	`*ip = (int) l;`
`1596`	`1601`	`return 0;`
`1597`	`1602`	`}`