Defend against nulls-in-arrays in contrib/intarray. I may have put in

tglsfdc · tglsfdc · commit 8ef289dba12f · 2005-11-19T03:00:09.000Z
more tests than strictly necessary, but did not feel like tracing call
paths in detail ...
diff --git a/contrib/intarray/_int.h b/contrib/intarray/_int.h
@@ -19,13 +19,24 @@
 
 /* useful macros for accessing int4 arrays */
 #define ARRPTR(x)  ( (int4 *) ARR_DATA_PTR(x) )
-#define ARRNELEMS(x)  ArrayGetNItems( ARR_NDIM(x), ARR_DIMS(x))
+#define ARRNELEMS(x)  ArrayGetNItems(ARR_NDIM(x), ARR_DIMS(x))
 
-#define ARRISVOID(x) ( (x) ? ( ( ARR_NDIM(x) == NDIM ) ? ( ( ARRNELEMS( x ) ) ? 0 : 1 ) : ( ( ARR_NDIM(x) ) ? ( \
-	ereport(ERROR, \
-			(errcode(ERRCODE_ARRAY_SUBSCRIPT_ERROR), \
-			 errmsg("array must be one-dimensional, not %d dimensions", ARRNELEMS( x )))) \
-	,1) : 0 )  ) : 0 )
+/* reject arrays we can't handle; but allow a NULL or empty array */
+#define CHECKARRVALID(x) \
+	do { \
+		if (x) { \
+			if (ARR_NDIM(x) != NDIM && ARR_NDIM(x) != 0) \
+				ereport(ERROR, \
+						(errcode(ERRCODE_ARRAY_SUBSCRIPT_ERROR), \
+						 errmsg("array must be one-dimensional"))); \
+			if (ARR_HASNULL(x)) \
+				ereport(ERROR, \
+						(errcode(ERRCODE_NULL_VALUE_NOT_ALLOWED), \
+						 errmsg("array must not contain nulls"))); \
+		} \
+	} while(0)
+
+#define ARRISVOID(x)  ((x) == NULL || ARRNELEMS(x) == 0)
 
 #define SORT(x) \
 	do { \
@@ -52,9 +63,6 @@
 typedef char BITVEC[SIGLEN];
 typedef char *BITVECP;
 
-#define SIGPTR(x)  ( (BITVECP) ARR_DATA_PTR(x) )
-
-
 #define LOOPBYTE(a) \
 		for(i=0;i<SIGLEN;i++) {\
 				a;\
diff --git a/contrib/intarray/_int_bool.c b/contrib/intarray/_int_bool.c
@@ -309,6 +309,7 @@ execconsistent(QUERYTYPE * query, ArrayType *array, bool calcnot)
 {
 	CHKVAL		chkval;
 
+	CHECKARRVALID(array);
 	chkval.arrb = ARRPTR(array);
 	chkval.arre = chkval.arrb + ARRNELEMS(array);
 	return execute(
@@ -339,6 +340,7 @@ boolop(PG_FUNCTION_ARGS)
 	CHKVAL		chkval;
 	bool		result;
 
+	CHECKARRVALID(val);
 	if (ARRISVOID(val))
 	{
 		pfree(val);
diff --git a/contrib/intarray/_int_gist.c b/contrib/intarray/_int_gist.c
@@ -44,6 +44,7 @@ g_int_consistent(PG_FUNCTION_ARGS)
 	/* XXX are we sure it's safe to scribble on the query object here? */
 	/* XXX what about toasted input? */
 	/* sort query for fast search, key is already sorted */
+	CHECKARRVALID(query);
 	if (ARRISVOID(query))
 		PG_RETURN_BOOL(false);
 	PREPAREARR(query);
@@ -89,21 +90,30 @@ g_int_union(PG_FUNCTION_ARGS)
 {
 	GistEntryVector *entryvec = (GistEntryVector *) PG_GETARG_POINTER(0);
 	int		   *size = (int *) PG_GETARG_POINTER(1);
-	int4		i;
-	ArrayType  *res;
-	int			totlen = 0,
+	int4		i,
 			   *ptr;
+	ArrayType  *res;
+	int			totlen = 0;
 
 	for (i = 0; i < entryvec->n; i++)
-		totlen += ARRNELEMS(GETENTRY(entryvec, i));
+	{
+		ArrayType *ent = GETENTRY(entryvec, i);
+
+		CHECKARRVALID(ent);
+		totlen += ARRNELEMS(ent);
+	}
 
 	res = new_intArrayType(totlen);
 	ptr = ARRPTR(res);
 
 	for (i = 0; i < entryvec->n; i++)
 	{
-		memcpy(ptr, ARRPTR(GETENTRY(entryvec, i)), ARRNELEMS(GETENTRY(entryvec, i)) * sizeof(int4));
-		ptr += ARRNELEMS(GETENTRY(entryvec, i));
+		ArrayType *ent = GETENTRY(entryvec, i);
+		int nel;
+
+		nel = ARRNELEMS(ent);
+		memcpy(ptr, ARRPTR(ent), nel * sizeof(int4));
+		ptr += nel;
 	}
 
 	QSORT(res, 1);
@@ -130,6 +140,7 @@ g_int_compress(PG_FUNCTION_ARGS)
 	if (entry->leafkey)
 	{
 		r = (ArrayType *) PG_DETOAST_DATUM_COPY(entry->key);
+		CHECKARRVALID(r);
 		PREPAREARR(r);
 
 		if (ARRNELEMS(r)>= 2 * MAXNUMRANGE)
@@ -147,6 +158,7 @@ g_int_compress(PG_FUNCTION_ARGS)
            so now we work only with internal keys  */
 
 	r = (ArrayType *) PG_DETOAST_DATUM(entry->key);
+	CHECKARRVALID(r);
 	if (ARRISVOID(r)) 
 	{
 		if (r != (ArrayType *) DatumGetPointer(entry->key))
@@ -207,6 +219,7 @@ g_int_decompress(PG_FUNCTION_ARGS)
 
 	in = (ArrayType *) PG_DETOAST_DATUM(entry->key);
 
+	CHECKARRVALID(in);
 	if (ARRISVOID(in))
 		PG_RETURN_POINTER(entry);
 
@@ -280,6 +293,9 @@ g_int_same(PG_FUNCTION_ARGS)
 	int4	   *da,
 			   *db;
 
+	CHECKARRVALID(a);
+	CHECKARRVALID(b);
+
 	if (n != ARRNELEMS(b))
 	{
 		*result = false;
diff --git a/contrib/intarray/_int_op.c b/contrib/intarray/_int_op.c
@@ -37,6 +37,8 @@ _int_contains(PG_FUNCTION_ARGS)
 	ArrayType  *b = (ArrayType *) DatumGetPointer(PG_DETOAST_DATUM_COPY(PG_GETARG_DATUM(1)));
 	bool		res;
 
+	CHECKARRVALID(a);
+	CHECKARRVALID(b);
 	if (ARRISVOID(a) || ARRISVOID(b))
 		return FALSE;
 
@@ -71,9 +73,13 @@ _int_same(PG_FUNCTION_ARGS)
 	int		   *da,
 			   *db;
 	bool		result;
-	bool		avoid = ARRISVOID(a);
-	bool		bvoid = ARRISVOID(b);
+	bool		avoid;
+	bool		bvoid;
 
+	CHECKARRVALID(a);
+	CHECKARRVALID(b);
+	avoid = ARRISVOID(a);
+	bvoid = ARRISVOID(b);
 	if (avoid || bvoid)
 		return (avoid && bvoid) ? TRUE : FALSE;
 
@@ -112,6 +118,8 @@ _int_overlap(PG_FUNCTION_ARGS)
 	ArrayType  *b = (ArrayType *) DatumGetPointer(PG_DETOAST_DATUM_COPY(PG_GETARG_DATUM(1)));
 	bool		result;
 
+	CHECKARRVALID(a);
+	CHECKARRVALID(b);
 	if (ARRISVOID(a) || ARRISVOID(b))
 		return FALSE;
 
@@ -133,6 +141,9 @@ _int_union(PG_FUNCTION_ARGS)
 	ArrayType  *b = (ArrayType *) DatumGetPointer(PG_DETOAST_DATUM_COPY(PG_GETARG_DATUM(1)));
 	ArrayType  *result;
 
+	CHECKARRVALID(a);
+	CHECKARRVALID(b);
+
 	if (!ARRISVOID(a))
 		SORT(a);
 	if (!ARRISVOID(b))
@@ -155,6 +166,8 @@ _int_inter(PG_FUNCTION_ARGS)
 	ArrayType  *b = (ArrayType *) DatumGetPointer(PG_DETOAST_DATUM_COPY(PG_GETARG_DATUM(1)));
 	ArrayType  *result;
 
+	CHECKARRVALID(a);
+	CHECKARRVALID(b);
 	if (ARRISVOID(a) || ARRISVOID(b))
 		PG_RETURN_POINTER(new_intArrayType(0));
 
@@ -197,12 +210,6 @@ Datum		intarray_del_elem(PG_FUNCTION_ARGS);
 Datum		intset_union_elem(PG_FUNCTION_ARGS);
 Datum		intset_subtract(PG_FUNCTION_ARGS);
 
-#define QSORT(a, direction)						\
-if (ARRNELEMS(a) > 1)						\
-	qsort((void*)ARRPTR(a), ARRNELEMS(a),sizeof(int4),	\
-		(direction) ? compASC : compDESC )
-
-
 Datum
 intset(PG_FUNCTION_ARGS)
 {
@@ -213,7 +220,7 @@ Datum
 icount(PG_FUNCTION_ARGS)
 {
 	ArrayType  *a = (ArrayType *) DatumGetPointer(PG_DETOAST_DATUM(PG_GETARG_DATUM(0)));
-	int32		count = (ARRISVOID(a)) ? 0 : ARRNELEMS(a);
+	int32		count = ARRNELEMS(a);
 
 	PG_FREE_IF_COPY(a, 0);
 	PG_RETURN_INT32(count);
@@ -228,6 +235,7 @@ sort(PG_FUNCTION_ARGS)
 	char	   *d = (dirstr) ? VARDATA(dirstr) : NULL;
 	int			dir = -1;
 
+	CHECKARRVALID(a);
 	if (ARRISVOID(a) || ARRNELEMS(a) < 2)
 		PG_RETURN_POINTER(a);
 
@@ -255,6 +263,7 @@ sort_asc(PG_FUNCTION_ARGS)
 {
 	ArrayType  *a = (ArrayType *) DatumGetPointer(PG_DETOAST_DATUM_COPY(PG_GETARG_DATUM(0)));
 
+	CHECKARRVALID(a);
 	if (ARRISVOID(a))
 		PG_RETURN_POINTER(a);
 	QSORT(a, 1);
@@ -266,6 +275,7 @@ sort_desc(PG_FUNCTION_ARGS)
 {
 	ArrayType  *a = (ArrayType *) DatumGetPointer(PG_DETOAST_DATUM_COPY(PG_GETARG_DATUM(0)));
 
+	CHECKARRVALID(a);
 	if (ARRISVOID(a))
 		PG_RETURN_POINTER(a);
 	QSORT(a, 0);
@@ -277,6 +287,7 @@ uniq(PG_FUNCTION_ARGS)
 {
 	ArrayType  *a = (ArrayType *) DatumGetPointer(PG_DETOAST_DATUM_COPY(PG_GETARG_DATUM(0)));
 
+	CHECKARRVALID(a);
 	if (ARRISVOID(a) || ARRNELEMS(a) < 2)
 		PG_RETURN_POINTER(a);
 	a = _int_unique(a);
@@ -287,8 +298,10 @@ Datum
 idx(PG_FUNCTION_ARGS)
 {
 	ArrayType  *a = (ArrayType *) DatumGetPointer(PG_DETOAST_DATUM(PG_GETARG_DATUM(0)));
-	int32		result = (ARRISVOID(a)) ? 0 : ARRNELEMS(a);
+	int32		result;
 
+	CHECKARRVALID(a);
+	result = (ARRISVOID(a)) ? 0 : ARRNELEMS(a);
 	if (result)
 		result = intarray_match_first(a, PG_GETARG_INT32(1));
 	PG_FREE_IF_COPY(a, 0);
@@ -305,6 +318,7 @@ subarray(PG_FUNCTION_ARGS)
 	int32		end = 0;
 	int32		c;
 
+	CHECKARRVALID(a);
 	if (ARRISVOID(a))
 	{
 		PG_FREE_IF_COPY(a, 0);
@@ -371,22 +385,29 @@ Datum
 intarray_del_elem(PG_FUNCTION_ARGS)
 {
 	ArrayType  *a = (ArrayType *) DatumGetPointer(PG_DETOAST_DATUM_COPY(PG_GETARG_DATUM(0)));
-	int32		c = (ARRISVOID(a)) ? 0 : ARRNELEMS(a);
-	int32	   *aa = ARRPTR(a);
+	int32		elem = PG_GETARG_INT32(1);
+	int32		c;
+	int32	   *aa;
 	int32		n = 0,
 				i;
-	int32		elem = PG_GETARG_INT32(1);
 
-	for (i = 0; i < c; i++)
-		if (aa[i] != elem)
+	CHECKARRVALID(a);
+	if (!ARRISVOID(a))
+	{
+		c = ARRNELEMS(a);
+		aa = ARRPTR(a);
+		for (i = 0; i < c; i++)
 		{
-			if (i > n)
-				aa[n++] = aa[i];
-			else
-				n++;
+			if (aa[i] != elem)
+			{
+				if (i > n)
+					aa[n++] = aa[i];
+				else
+					n++;
+			}
 		}
-	if (c > 0)
 		a = resize_intArrayType(a, n);
+	}
 	PG_RETURN_POINTER(a);
 }
 
@@ -408,15 +429,18 @@ intset_subtract(PG_FUNCTION_ARGS)
 	ArrayType  *a = (ArrayType *) DatumGetPointer(PG_DETOAST_DATUM_COPY(PG_GETARG_DATUM(0)));
 	ArrayType  *b = (ArrayType *) DatumGetPointer(PG_DETOAST_DATUM_COPY(PG_GETARG_DATUM(1)));
 	ArrayType  *result;
-	int32		ca = ARRISVOID(a);
-	int32		cb = ARRISVOID(b);
+	int32		ca;
+	int32		cb;
 	int32	   *aa,
 			   *bb,
 			   *r;
 	int32		n = 0,
 				i = 0,
 				k = 0;
 
+	CHECKARRVALID(a);
+	CHECKARRVALID(b);
+
 	QSORT(a, 1);
 	a = _int_unique(a);
 	ca = ARRNELEMS(a);
diff --git a/contrib/intarray/_int_tool.c b/contrib/intarray/_int_tool.c
diff --git a/contrib/intarray/_intbig_gist.c b/contrib/intarray/_intbig_gist.c

Original file line number	Diff line number	Diff line change
`@@ -309,6 +309,7 @@ execconsistent(QUERYTYPE * query, ArrayType *array, bool calcnot)`
`309`	`309`	`{`
`310`	`310`	`CHKVAL chkval;`
`311`	`311`
	`312`	`+ CHECKARRVALID(array);`
`312`	`313`	`chkval.arrb = ARRPTR(array);`
`313`	`314`	`chkval.arre = chkval.arrb + ARRNELEMS(array);`
`314`	`315`	`return execute(`
`@@ -339,6 +340,7 @@ boolop(PG_FUNCTION_ARGS)`
`339`	`340`	`CHKVAL chkval;`
`340`	`341`	`bool result;`
`341`	`342`
	`343`	`+ CHECKARRVALID(val);`
`342`	`344`	`if (ARRISVOID(val))`
`343`	`345`	`{`
`344`	`346`	`pfree(val);`