Skip to content

Commit 1e01374

Browse files
macdicemacdice
committed
Fix overflow in Windows replacement pg_pread/pg_pwrite.
When calling the Windows file I/O APIs there is an implicit conversion from size_t to DWORD, which could overflow. Clamp the size at 1GB to avoid that. Not a really a live bug as we don't expect anything in PostgreSQL to call with such large values. Reviewed-by: Peter Eisentraut <peter@eisentraut.org> Discussion: https://postgr.es/m/1672202.1703441340%40sss.pgh.pa.us
1 parent 653b55b commit 1e01374

File tree

2 files changed

+6
-0
lines changed

2 files changed

+6
-0
lines changed

src/port/win32pread.c

+3
Original file line numberDiff line numberDiff line change
@@ -30,6 +30,9 @@ pg_pread(int fd, void *buf, size_t size, off_t offset)
3030
return -1;
3131
}
3232

33+
/* Avoid overflowing DWORD. */
34+
size = Min(size, 1024 * 1024 * 1024);
35+
3336
/* Note that this changes the file position, despite not using it. */
3437
overlapped.Offset = offset;
3538
if (!ReadFile(handle, buf, size, &result, &overlapped))

src/port/win32pwrite.c

+3
Original file line numberDiff line numberDiff line change
@@ -30,6 +30,9 @@ pg_pwrite(int fd, const void *buf, size_t size, off_t offset)
3030
return -1;
3131
}
3232

33+
/* Avoid overflowing DWORD. */
34+
size = Min(size, 1024 * 1024 * 1024);
35+
3336
/* Note that this changes the file position, despite not using it. */
3437
overlapped.Offset = offset;
3538
if (!WriteFile(handle, buf, size, &result, &overlapped))

0 commit comments

Comments
 (0)