Add upper bound for start_xid, start_mx_id and start_mx_offset

Author: maksm90

src/backend/bootstrap/bootstrap.c

@@ -250,28 +250,28 @@ AuxiliaryProcessMain(int argc, char *argv[])
 				bootstrap_data_checksum_version = PG_DATA_CHECKSUM_VERSION;
 				break;
 			case 'm':
-				if (sscanf(optarg, HEX_XID_FMT, &start_mx_id) != 1)
-				{
-					fprintf(stderr, "%s: invalid hex value of multixact-id\n", progname);
-					exit(1);
-				}
+				if (sscanf(optarg, HEX_XID_FMT, &start_mx_id) != 1
+				 || !StartMultiXactIdIsValid(start_mx_id))
+					ereport(ERROR,
+							(errcode(ERRCODE_SYNTAX_ERROR),
+							 errmsg("invalid start multixact id value")));
 				break;
 			case 'o':
-				if (sscanf(optarg, XID_FMT, &start_mx_offset) != 1)
-				{
-					fprintf(stderr, "%s: invalid decimal value of multixact-offset\n", progname);
-					exit(1);
-				}
+				if (sscanf(optarg, XID_FMT, &start_mx_offset) != 1
+				 || !StartMultiXactOffsetIsValid(start_mx_offset))
+					ereport(ERROR,
+							(errcode(ERRCODE_SYNTAX_ERROR),
+							 errmsg("invalid start multixact offset value")));
 				break;
 			case 'r':
 				strlcpy(OutputFileName, optarg, MAXPGPATH);
 				break;
 			case 'X':
-				if (sscanf(optarg, HEX_XID_FMT, &start_xid) != 1)
-				{
-					fprintf(stderr, "%s: invalid hex value of xid\n", progname);
-					exit(1);
-				}
+				if (sscanf(optarg, HEX_XID_FMT, &start_xid) != 1
+				 || !StartTransactionIdIsValid(start_xid))
+					ereport(ERROR,
+							(errcode(ERRCODE_SYNTAX_ERROR),
+							 errmsg("invalid start xid value")));
 				break;
 			case 'x':
 				MyAuxProcType = atoi(optarg);

src/bin/initdb/initdb.c

@@ -2694,19 +2694,19 @@ usage(const char *progname)
 	printf(_("  -W, --pwprompt            prompt for a password for the new superuser\n"));
 	printf(_("  -X, --xlogdir=XLOGDIR     location for the transaction log directory\n"));
 	printf(_("  -x, --xid=START_XID       specify start xid value in decimal format for new db instance to test 64-bit xids,\n"
-			 "                            default value is 0\n"));
+			 "                            default value is 0, max value is 2^62-1\n"));
 	printf(_("\nLess commonly used options:\n"));
 	printf(_("  -d, --debug               generate lots of debugging output\n"));
 	printf(_("  -k, --data-checksums      use data page checksums\n"));
 	printf(_("  -L DIRECTORY              where to find the input files\n"));
 	printf(_("  -m, --multixact-id=START_MX_ID\n"
 			 "                            specify start multixact id value in decimal format for new db instance\n"
-			 "                            to test 64-bit xids, default value is 0\n"));
+			 "                            to test 64-bit xids, default value is 0, max value is 2^62-1\n"));
 	printf(_("  -n, --noclean             do not clean up after errors\n"));
 	printf(_("  -N, --nosync              do not wait for changes to be written safely to disk\n"));
 	printf(_("  -o, --multixact-offset=START_MX_OFFSET\n"
 			 "                            specify start multixact offset value in decimal format for new db instance\n"
-			 "                            to test 64-bit xids, default value is 0\n"));
+			 "                            to test 64-bit xids, default value is 0, max value is 2^62-1\n"));
 	printf(_("  -s, --show                show internal settings\n"));
 	printf(_("  -S, --sync-only           only sync data directory\n"));
 	printf(_("\nOther options:\n"));
@@ -3471,7 +3471,14 @@ main(int argc, char *argv[])
 			case 'm':
 				if (sscanf(optarg, XID_FMT, &start_mx_id) != 1)
 				{
-					fprintf(stderr, "%s: invalid decimal value of multixact-id\n", progname);
+					fprintf(stderr, "%s: invalid decimal START_MX_ID value\n",
+							progname);
+					exit(1);
+				}
+				if (!StartMultiXactIdIsValid(start_mx_id))
+				{
+					fprintf(stderr, "%s: out-of-range START_MX_ID value (the value must be less than 2^62)\n",
+							progname);
 					exit(1);
 				}
 				break;
@@ -3485,7 +3492,14 @@ main(int argc, char *argv[])
 			case 'o':
 				if (sscanf(optarg, XID_FMT, &start_mx_offset) != 1)
 				{
-					fprintf(stderr, "%s: invalid decimal value of multixact-offset\n", progname);
+					fprintf(stderr, "%s: invalid decimal START_MX_OFFSET value\n",
+							progname);
+					exit(1);
+				}
+				if (!StartMultiXactOffsetIsValid(start_mx_offset))
+				{
+					fprintf(stderr, "%s: out-of-range START_MX_OFFSET value (the value must be less than 2^62)\n",
+							progname);
 					exit(1);
 				}
 				break;
@@ -3537,7 +3551,14 @@ main(int argc, char *argv[])
 			case 'x':
 				if (sscanf(optarg, XID_FMT, &start_xid) != 1)
 				{
-					fprintf(stderr, "%s: invalid decimal value of xid\n", progname);
+					fprintf(stderr, "%s: invalid decimal START_XID value\n",
+							progname);
+					exit(1);
+				}
+				if (!StartTransactionIdIsValid(start_xid))
+				{
+					fprintf(stderr, "%s: out-of-range START_XID value (the value must be less than 2^62)\n",
+							progname);
 					exit(1);
 				}
 				break;

src/include/c.h

@@ -390,13 +390,17 @@ typedef double float8;
 typedef Oid regproc;
 typedef regproc RegProcedure;
 
+#define MAX_START_XID	UINT64CONST(0x3fffffffffffffff)
+
 typedef uint64 TransactionId;
 
 #define TransactionIdPrecedes(id1, id2) ((id1) < (id2))
 #define TransactionIdPrecedesOrEquals(id1, id2) ((id1) <= (id2))
 #define TransactionIdFollows(id1, id2) ((id1) > (id2))
 #define TransactionIdFollowsOrEquals(id1, id2) ((id1) >= (id2))
 
+#define StartTransactionIdIsValid(start_xid)	((start_xid) <= MAX_START_XID)
+
 typedef uint32 ShortTransactionId;
 
 typedef uint64 LocalTransactionId;
@@ -417,8 +421,12 @@ typedef TransactionId MultiXactId;
 #define MultiXactIdFollows(id1, id2) ((id1) > (id2))
 #define MultiXactIdFollowsOrEquals(id1, id2) ((id1) >= (id2))
 
+#define StartMultiXactIdIsValid(start_mx_id)	((start_mx_id) <= MAX_START_XID)
+
 typedef uint64 MultiXactOffset;
 
+#define StartMultiXactOffsetIsValid(start_mx_offset)	((start_mx_offset) <= MAX_START_XID)
+
 typedef uint32 CommandId;
 
 #define FirstCommandId	((CommandId) 0)