From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from localhost (localhost [127.0.0.1]) by turing.freelists.org (Avenir Technologies Mail Multiplex) with ESMTP id 4112E246DC for ; Wed, 20 Feb 2019 13:39:42 -0500 (EST) Received: from turing.freelists.org ([127.0.0.1]) by localhost (turing.freelists.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qtLQouvLZaF7 for ; Wed, 20 Feb 2019 13:39:42 -0500 (EST) Received: from smtpng2.m.smailru.net (smtpng2.m.smailru.net [94.100.179.3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by turing.freelists.org (Avenir Technologies Mail Multiplex) with ESMTPS id EDC2E21021 for ; Wed, 20 Feb 2019 13:39:41 -0500 (EST) Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (Mac OS X Mail 12.2 \(3445.102.3\)) Subject: [tarantool-patches] Re: [PATCH 4/4] sql: raise integer overflow error during msgpack decode From: "n.pettik" In-Reply-To: <20190220182521.GE3412@chai> Date: Wed, 20 Feb 2019 21:39:38 +0300 Content-Transfer-Encoding: quoted-printable Message-Id: <88BEBC9C-84E0-4676-9E42-6E3AB04A0CB9@tarantool.org> References: <20190220182521.GE3412@chai> Sender: tarantool-patches-bounce@freelists.org Errors-to: tarantool-patches-bounce@freelists.org Reply-To: tarantool-patches@freelists.org List-help: List-unsubscribe: List-software: Ecartis version 1.0.0 List-Id: tarantool-patches List-subscribe: List-owner: List-post: List-archive: To: tarantool-patches@freelists.org Cc: Konstantin Osipov , Vladislav Shpilevoy > On 20 Feb 2019, at 21:25, Konstantin Osipov = wrote: >=20 > * Nikita Pettik [19/02/20 15:12]: >> Since previous commit allows us to raise an error during msgpack = decode >> inside VDBE, lets do this if decoded integer is out of >> [INT64_MIN, INT64_MAX] range and set "integer is overflowed" = diagnostic >> message. >=20 > This looks OK as interim approach to close 3735, but can't be > accepted as a production-level fix. If SQL can't handle uint64_t > range, SQL tables should not be able to store values from this > range, i.e. there should be an implicitly created constraint on > SQL tables. Better yet is to make sure SQL can handle entire > tarantool range by changing vdbe to emit uint64-range-aware > instructions. It is to be implemented in scope of #3810 issue. Without this patch operations on integers values in range [INT64_MAX, UIN64_MAX] lead to unpredictable results. So, I guess you won=E2=80=99t argue that error raising as at least temporary fix is significantly better than misleading results. > --=20 > Konstantin Osipov, Moscow, Russia, +7 903 626 22 32 > http://tarantool.io - www.twitter.com/kostja_osipov >=20