Hallvard Breien Furuseth wrote: > On 13/02/17 13:16, [email protected] wrote: >> [email protected] wrote: >>> (...) >>> datacount > UINT_MAX is truncated to unsigned int: >>> data[1].mv_size = 0x100000002 puts 2 items. >> >>> datacount * datasize can exceed UINT_MAX, which mdb_page_spill() >>> truncates to unsigned int. Such a massive put() will likely >>> fail anyway, but it should at least try to spill properly first. >> >> We should probably check if mv_size is greater than UINT_MAX and return >> EINVAL. (Or ERANGE.) > > If you mean check for overflow, that doesn't work on 32-bit hosts.
It's not possible to pass in a datacount > UINT_MAX on 32bit so there's no need for such a check. It's only needed on 64bit where uint is smaller than size_t. -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/
