Hi. Per Coverity.
CID 1608872: (#1 of 1): Improper use of negative value (NEGATIVE_RETURNS) 32. negative_returns: bms_next_member(child_joinrel->relids, -1) is passed to a parameter that cannot be negative.[show details] CID 1608871: (#1 of 1): Out-of-bounds access (OVERRUN) 32. overrun-buffer-arg: Calling add_child_eq_member with cur_ec->ec_childmembers and bms_next_member(child_joinrel->relids, -1) is suspicious because of the very large index, 4294967294. The index may be due to a negative parameter being interpreted as unsigned. Coverity has two new reports about use of the function *bms_next_member*. I think that he is right. The function bms_next_member can return NEGATIVE. So it is necessary to validate the function's return. Attached has three patchs. 1. src/backend/optimizer/path/equivclass.c Source of the Coverity report. Function: add_child_join_rel_equivalences Check the return of bms_next_member and avoid continue if return is negative. 2. src/backend/partitioning/partprune.c Function: make_partition_pruneinfo Check the return of bms_next_member and avoid look if targetpart if not found. 3. contrib/postgres_fdw/postgres_fdw.c Function: postgresBeginForeignScan Check the return of bms_next_member and abort if fail. Function: postgresExplainForeignScan Check the return of bms_next_member and abort if fail. The patchs are attempts, not definitive fixes. best regards, Ranier Vilela
avoid-miuse-api-bms_next_member-equivclass.patch
Description: Binary data
avoid-possible-overflow-partprune.patch
Description: Binary data
check-possible-fail-bms_next_member-postgres_fdw.patch
Description: Binary data
