From: Tom Lane <tgl@sss.pgh.pa.us>
Date: Wed, 23 Jan 2008 21:26:20 +0000 (+0000)
Subject: Prevent integer overflow within the integer-datetimes version of
X-Git-Url: http://git.postgresql.org/gitweb/static/gitweb.js?a=commitdiff_plain;h=33c44b2623fc46049f019a7eb5bc9519bd224f8d;p=users%2Fbernd%2Fpostgres.git

Prevent integer overflow within the integer-datetimes version of
TimestampTzPlusMilliseconds.  An integer argument of more than INT_MAX/1000
milliseconds (ie, about 35 minutes) would provoke a wrong result, resulting
in incorrect enforcement of statement_timestamp values larger than that.
Bug was introduced in my rewrite of 2006-06-20, which fixed some other
overflow risks, but missed this one :-(  Per report from Elein.
---

diff --git a/src/include/utils/timestamp.h b/src/include/utils/timestamp.h
index ebd71e7f78..6ca6a3e864 100644
--- a/src/include/utils/timestamp.h
+++ b/src/include/utils/timestamp.h
@@ -182,7 +182,7 @@ typedef double fsec_t;
 #define INTERVAL_RANGE(t) (((t) >> 16) & INTERVAL_RANGE_MASK)
 
 #ifdef HAVE_INT64_TIMESTAMP
-#define TimestampTzPlusMilliseconds(tz,ms) ((tz) + ((ms) * 1000))
+#define TimestampTzPlusMilliseconds(tz,ms) ((tz) + ((ms) * (int64) 1000))
 #else
 #define TimestampTzPlusMilliseconds(tz,ms) ((tz) + ((ms) / 1000.0))
 #endif