
Re: (ITS#8335) MDB_MULTIPLE issues



On 13/02/17 13:16, hyc@symas.com wrote:
> h.b.furuseth@usit.uio.no wrote:
>> (...)
>> datacount > UINT_MAX is truncated to unsigned int:
>> data[1].mv_size = 0x100000002 puts 2 items.
>
>> datacount * datasize can exceed UINT_MAX, which mdb_page_spill()
>> truncates to unsigned int.  Such a massive put() will likely
>> fail anyway, but it should at least try to spill properly first.
>
> We should probably check if mv_size is greater than UINT_MAX and return
> EINVAL. (Or ERANGE.)

If you mean check for overflow, that doesn't work on 32-bit hosts.
We can do a general overflow check (assuming dcount is size_t here)

	xdata.mv_size = data[0].mv_size * dcount;
	if (xdata.mv_size / dcount != data[0].mv_size)
		return <error>;

or if you want a compile-time max safe dcount on 32-bit, that's
	EVEN((size_t)-1 / (MAX_PAGESIZE/MDB_MINKEYS))

So - MDB_BAD_VALSIZE or a new MDB_* code:
Not EINVAL, that should be reserved for obvious error conditions.
And not ERANGE, we should not add new errno.h codes.
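
Added example, not part of the original message and not LMDB code: a stand-alone C sketch of the two checks discussed in this thread, the size_t product overflow test and the size_t to unsigned int narrowing, written so that a zero count does not divide. The names ex_total_size, ex_to_uint, ex_check_multiple and the EX_BAD_VALSIZE value are hypothetical, and the inputs in main() are constructed.

```c
#include <limits.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical stand-in for whichever MDB_* code ends up being used. */
#define EX_BAD_VALSIZE (-1)

/* size * count into *total; refuses a product that would wrap size_t.
 * Division-based like the check in the message, arranged so that
 * count == 0 is accepted without dividing by zero. */
static int ex_total_size(size_t size, size_t count, size_t *total)
{
	if (count != 0 && size > SIZE_MAX / count)
		return EX_BAD_VALSIZE;
	*total = size * count;
	return 0;
}

/* Narrow size_t to unsigned int only if no bits are lost, so that
 * 0x100000002 is rejected rather than becoming 2 on a 64-bit host. */
static int ex_to_uint(size_t n, unsigned int *out)
{
	if (n > UINT_MAX)
		return EX_BAD_VALSIZE;
	*out = (unsigned int)n;
	return 0;
}

/* Both checks for one multi-item request (item size, item count). */
static int ex_check_multiple(size_t size, size_t count,
                             unsigned int *dcount, size_t *total)
{
	int rc = ex_to_uint(count, dcount);
	return rc ? rc : ex_total_size(size, count, total);
}

int main(void)
{
	unsigned int dcount = 0;
	size_t total = 0;
	/* Constructed inputs: a normal request, then a wrapping product. */
	printf("%d\n", ex_check_multiple(16, 2, &dcount, &total));
	printf("%d\n", ex_check_multiple(SIZE_MAX / 2 + 1, 2, &dcount, &total));
	return 0;
}
```

Where size_t and unsigned int have the same width the narrowing test never fires, so the product check is the one doing the work on 32-bit hosts.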