Fix contrib/hstore to throw an error for keys or values that don't fit in its

tglsfdc · tglsfdc · commit f3a72bd40bf3 · 2009-03-15T22:05:17.000Z
data structure, rather than silently truncating them.  Andrew Gierth
diff --git a/contrib/hstore/hstore.h b/contrib/hstore/hstore.h
@@ -1,5 +1,5 @@
 /*
- * $PostgreSQL: pgsql/contrib/hstore/hstore.h,v 1.6 2008/05/12 00:00:42 alvherre Exp $
+ * $PostgreSQL: pgsql/contrib/hstore/hstore.h,v 1.7 2009/03/15 22:05:17 tgl Exp $
  */
 #ifndef __HSTORE_H__
 #define __HSTORE_H__
@@ -16,6 +16,11 @@ typedef struct
 				pos:31;
 }	HEntry;
 
+/* these are determined by the sizes of the keylen and vallen fields */
+/* in struct HEntry and struct Pairs */
+#define HSTORE_MAX_KEY_LEN 65535
+#define HSTORE_MAX_VALUE_LEN 65535
+
 
 typedef struct
 {
@@ -45,6 +50,9 @@ typedef struct
 int			comparePairs(const void *a, const void *b);
 int			uniquePairs(Pairs * a, int4 l, int4 *buflen);
 
+size_t      hstoreCheckKeyLen(size_t len);
+size_t      hstoreCheckValLen(size_t len);
+
 #define HStoreContainsStrategyNumber	7
 #define HStoreExistsStrategyNumber		9
 
diff --git a/contrib/hstore/hstore_io.c b/contrib/hstore/hstore_io.c
@@ -1,5 +1,5 @@
 /*
- * $PostgreSQL: pgsql/contrib/hstore/hstore_io.c,v 1.8 2008/05/12 00:00:42 alvherre Exp $
+ * $PostgreSQL: pgsql/contrib/hstore/hstore_io.c,v 1.9 2009/03/15 22:05:17 tgl Exp $
  */
 #include "postgres.h"
 
@@ -188,7 +188,7 @@ parse_hstore(HSParser * state)
 				state->pairs = (Pairs *) repalloc(state->pairs, sizeof(Pairs) * state->plen);
 			}
 			state->pairs[state->pcur].key = state->word;
-			state->pairs[state->pcur].keylen = state->cur - state->word;
+			state->pairs[state->pcur].keylen = hstoreCheckKeyLen(state->cur - state->word);
 			state->pairs[state->pcur].val = NULL;
 			state->word = NULL;
 			st = WEQ;
@@ -228,7 +228,7 @@ parse_hstore(HSParser * state)
 			if (!get_val(state, true, &escaped))
 				elog(ERROR, "Unexpected end of string");
 			state->pairs[state->pcur].val = state->word;
-			state->pairs[state->pcur].vallen = state->cur - state->word;
+			state->pairs[state->pcur].vallen = hstoreCheckValLen(state->cur - state->word);
 			state->pairs[state->pcur].isnull = false;
 			state->pairs[state->pcur].needfree = true;
 			if (state->cur - state->word == 4 && !escaped)
@@ -268,11 +268,9 @@ comparePairs(const void *a, const void *b)
 {
 	if (((Pairs *) a)->keylen == ((Pairs *) b)->keylen)
 	{
-		int			res = strncmp(
-								  ((Pairs *) a)->key,
+		int			res = strncmp(((Pairs *) a)->key,
 								  ((Pairs *) b)->key,
-								  ((Pairs *) a)->keylen
-		);
+								  ((Pairs *) a)->keylen);
 
 		if (res)
 			return res;
@@ -347,6 +345,27 @@ freeHSParse(HSParser * state)
 	pfree(state->pairs);
 }
 
+size_t
+hstoreCheckKeyLen(size_t len)
+{
+	if (len > HSTORE_MAX_KEY_LEN)
+		ereport(ERROR,
+				(errcode(ERRCODE_STRING_DATA_RIGHT_TRUNCATION),
+				 errmsg("string too long for hstore key")));
+	return len;
+}
+
+size_t
+hstoreCheckValLen(size_t len)
+{
+	if (len > HSTORE_MAX_VALUE_LEN)
+		ereport(ERROR,
+				(errcode(ERRCODE_STRING_DATA_RIGHT_TRUNCATION),
+				 errmsg("string too long for hstore value")));
+	return len;
+}
+
+
 PG_FUNCTION_INFO_V1(hstore_in);
 Datum		hstore_in(PG_FUNCTION_ARGS);
 Datum
diff --git a/contrib/hstore/hstore_op.c b/contrib/hstore/hstore_op.c
@@ -295,15 +295,15 @@ tconvert(PG_FUNCTION_ARGS)
 	SET_VARSIZE(out, len);
 	out->size = 1;
 
-	ARRPTR(out)->keylen = VARSIZE(key) - VARHDRSZ;
+	ARRPTR(out)->keylen = hstoreCheckKeyLen(VARSIZE(key) - VARHDRSZ);
 	if (PG_ARGISNULL(1))
 	{
 		ARRPTR(out)->vallen = 0;
 		ARRPTR(out)->valisnull = true;
 	}
 	else
 	{
-		ARRPTR(out)->vallen = VARSIZE(val) - VARHDRSZ;
+		ARRPTR(out)->vallen = hstoreCheckValLen(VARSIZE(val) - VARHDRSZ);
 		ARRPTR(out)->valisnull = false;
 	}
 	ARRPTR(out)->pos = 0;
@@ -540,11 +540,9 @@ hs_contains(PG_FUNCTION_ARGS)
 					res = false;
 			}
 			else if (te->vallen != entry->vallen ||
-					 strncmp(
-							 vv + entry->pos + entry->keylen,
+					 strncmp(vv + entry->pos + entry->keylen,
 							 tv + te->pos + te->keylen,
-							 te->vallen)
-				)
+							 te->vallen))
 				res = false;
 		}
 		else
diff --git a/doc/src/sgml/hstore.sgml b/doc/src/sgml/hstore.sgml
@@ -1,4 +1,4 @@
-<!-- $PostgreSQL: pgsql/doc/src/sgml/hstore.sgml,v 1.2 2007/12/06 04:12:10 tgl Exp $ -->
+<!-- $PostgreSQL: pgsql/doc/src/sgml/hstore.sgml,v 1.3 2009/03/15 22:05:17 tgl Exp $ -->
 
 <sect1 id="hstore">
  <title>hstore</title>
@@ -14,6 +14,12 @@
   that are rarely examined, or semi-structured data.
  </para>
 
+ <para>
+  In the current implementation, neither the key nor the value
+  string can exceed 65535 bytes in length; an error will be thrown if this
+  limit is exceeded. These maximum lengths may change in future releases.
+ </para>
+
  <sect2>
   <title><type>hstore</> External Representation</title>
 

Original file line number	Diff line number	Diff line change
`@@ -295,15 +295,15 @@ tconvert(PG_FUNCTION_ARGS)`
`295`	`295`	`SET_VARSIZE(out, len);`
`296`	`296`	`out->size = 1;`
`297`	`297`
`298`		`- ARRPTR(out)->keylen = VARSIZE(key) - VARHDRSZ;`
	`298`	`+ ARRPTR(out)->keylen = hstoreCheckKeyLen(VARSIZE(key) - VARHDRSZ);`
`299`	`299`	`if (PG_ARGISNULL(1))`
`300`	`300`	`{`
`301`	`301`	`ARRPTR(out)->vallen = 0;`
`302`	`302`	`ARRPTR(out)->valisnull = true;`
`303`	`303`	`}`
`304`	`304`	`else`
`305`	`305`	`{`
`306`		`- ARRPTR(out)->vallen = VARSIZE(val) - VARHDRSZ;`
	`306`	`+ ARRPTR(out)->vallen = hstoreCheckValLen(VARSIZE(val) - VARHDRSZ);`
`307`	`307`	`ARRPTR(out)->valisnull = false;`
`308`	`308`	`}`
`309`	`309`	`ARRPTR(out)->pos = 0;`
`@@ -540,11 +540,9 @@ hs_contains(PG_FUNCTION_ARGS)`
`540`	`540`	`res = false;`
`541`	`541`	`}`
`542`	`542`	`else if (te->vallen != entry->vallen \|\|`
`543`		`- strncmp(`
`544`		`- vv + entry->pos + entry->keylen,`
	`543`	`+ strncmp(vv + entry->pos + entry->keylen,`
`545`	`544`	`tv + te->pos + te->keylen,`
`546`		`- te->vallen)`
`547`		`- )`
	`545`	`+ te->vallen))`
`548`	`546`	`res = false;`
`549`	`547`	`}`
`550`	`548`	`else`