Hallvard Breien Furuseth wrote:
On 13/02/17 13:16, hyc@symas.com wrote:
h.b.furuseth@usit.uio.no wrote:
(...) datacount > UINT_MAX is truncated to unsigned int: data[1].mv_size = 0x100000002 puts 2 items.
datacount * datasize can exceed UINT_MAX, which mdb_page_spill() truncates to unsigned int. Such a massive put() will likely fail anyway, but it should at least try to spill properly first.
We should probably check if mv_size is greater than UINT_MAX and return EINVAL. (Or ERANGE.)
If you mean check for overflow, that doesn't work on 32-bit hosts.
It's not possible to pass in a datacount > UINT_MAX on 32-bit so there's no need for such a check. It's only needed on 64-bit where uint is smaller than size_t.
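The truncation and the range check discussed in this thread, as an added example that is not part of the original messages and is not LMDB's own code. `val_t`, `truncated_count` and `check_multiple` are hypothetical names, and the choice of EINVAL follows the suggestion quoted above.

```c
#include <errno.h>
#include <limits.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical stand-in for the value pair described in the thread:
 * data[0].mv_size = size of one item, data[1].mv_size = item count. */
typedef struct { size_t mv_size; void *mv_data; } val_t;

/* The narrowing the thread describes: count silently cut to unsigned int. */
unsigned int truncated_count(const val_t data[2])
{
    return (unsigned int)data[1].mv_size;
}

/* Validate before narrowing. Returns 0 and fills *count and *total,
 * or EINVAL when the count or count * size does not fit in unsigned int. */
int check_multiple(const val_t data[2], unsigned int *count, unsigned int *total)
{
    size_t dsize = data[0].mv_size, dcount = data[1].mv_size;

#if SIZE_MAX > UINT_MAX
    /* Only meaningful where size_t is wider than unsigned int. */
    if (dcount > UINT_MAX)
        return EINVAL;
#endif
    /* Divide rather than multiply, so the test itself cannot wrap. */
    if (dsize != 0 && dcount > UINT_MAX / dsize)
        return EINVAL;

    *count = (unsigned int)dcount;
    *total = (unsigned int)(dcount * dsize);
    return 0;
}

int main(void)
{
    /* Constructed input: the count value quoted in the thread. */
    val_t d[2] = { { 4, NULL }, { (size_t)0x100000002ULL, NULL } };
    unsigned int c = 0, t = 0;

    printf("truncated count: %u\n", truncated_count(d));
    printf("check result: %d\n", check_multiple(d, &c, &t));
    return 0;
}
```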