Detect buffer underflow in get_th() Input with zero length can result in a buffer underflow when accessing *(num + (len - 1)), as (len - 1) would produce a negative index. Add an assertion for zero-length input to prevent it.
This was found by ALT Linux Team. Reviewing the call sites shows that get_th() currently cannot be applied to an empty string: it is always called on a string containing a number we've just printed. Therefore, an assertion rather than a user-facing error message is sufficient. Co-authored-by: Alexander Kuznetsov <kuznetso...@altlinux.org> Discussion: https://www.postgresql.org/message-id/flat/e22df993-cdb4-4d0a-b629-42211ebed...@altlinux.org Branch ------ master Details ------- https://git.postgresql.org/pg/commitdiff/c61d51d50006a2a7bfe25d62ea0677e318febedc Modified Files -------------- src/backend/utils/adt/formatting.c | 2 ++ 1 file changed, 2 insertions(+)
