PGPRO-2032: Fix log-rotation-size and log-rotation-age integer overflow

Author: za-arthur

src/configure.c

@@ -161,12 +161,12 @@ writeBackupCatalogConfig(FILE *out, pgBackupConfig *config)
 	if (config->master_user)
 		fprintf(out, "master-user = %s\n", config->master_user);
 
-	convert_from_base_unit_u(config->replica_timeout, OPTION_UNIT_S,
+	convert_from_base_unit_u(config->replica_timeout, OPTION_UNIT_MS,
 								&res, &unit);
 	fprintf(out, "replica-timeout = " UINT64_FORMAT "%s\n", res, unit);
 
 	fprintf(out, "#Archive parameters:\n");
-	convert_from_base_unit_u(config->archive_timeout, OPTION_UNIT_S,
+	convert_from_base_unit_u(config->archive_timeout, OPTION_UNIT_MS,
 								&res, &unit);
 	fprintf(out, "archive-timeout = " UINT64_FORMAT "%s\n", res, unit);
 
@@ -183,11 +183,11 @@ writeBackupCatalogConfig(FILE *out, pgBackupConfig *config)
 		fprintf(out, "log-directory = %s\n", config->log_directory);
 	/* Convert values from base unit */
 	convert_from_base_unit_u(config->log_rotation_size, OPTION_UNIT_KB,
-								&res, &unit);
+							 &res, &unit);
 	fprintf(out, "log-rotation-size = " UINT64_FORMAT "%s\n", res, (res)?unit:"KB");
 
-	convert_from_base_unit_u(config->log_rotation_age, OPTION_UNIT_S,
-								&res, &unit);
+	convert_from_base_unit_u(config->log_rotation_age, OPTION_UNIT_MS,
+							 &res, &unit);
 	fprintf(out, "log-rotation-age = " UINT64_FORMAT "%s\n", res, (res)?unit:"min");
 
 	fprintf(out, "#Retention parameters:\n");
@@ -237,8 +237,8 @@ readBackupCatalogConfigFile(void)
 		{ 's', 0, "log-filename",			&(config->log_filename),		SOURCE_CMDLINE },
 		{ 's', 0, "error-log-filename",		&(config->error_log_filename),	SOURCE_CMDLINE },
 		{ 's', 0, "log-directory",			&(config->log_directory),		SOURCE_CMDLINE },
-		{ 'u', 0, "log-rotation-size",		&(config->log_rotation_size),	SOURCE_CMDLINE,	SOURCE_DEFAULT,	OPTION_UNIT_KB },
-		{ 'u', 0, "log-rotation-age",		&(config->log_rotation_age),	SOURCE_CMDLINE,	SOURCE_DEFAULT,	OPTION_UNIT_S },
+		{ 'U', 0, "log-rotation-size",		&(config->log_rotation_size),	SOURCE_CMDLINE,	SOURCE_DEFAULT,	OPTION_UNIT_KB },
+		{ 'U', 0, "log-rotation-age",		&(config->log_rotation_age),	SOURCE_CMDLINE,	SOURCE_DEFAULT,	OPTION_UNIT_MS },
 		/* connection options */
 		{ 's', 0, "pgdata",					&(config->pgdata),				SOURCE_FILE_STRICT },
 		{ 's', 0, "pgdatabase",				&(config->pgdatabase),			SOURCE_FILE_STRICT },
@@ -250,11 +250,11 @@ readBackupCatalogConfigFile(void)
 		{ 's', 0, "master-port",			&(config->master_port),			SOURCE_FILE_STRICT },
 		{ 's', 0, "master-db",				&(config->master_db),			SOURCE_FILE_STRICT },
 		{ 's', 0, "master-user",			&(config->master_user),			SOURCE_FILE_STRICT },
-		{ 'u', 0, "replica-timeout",		&(config->replica_timeout),		SOURCE_CMDLINE,	SOURCE_DEFAULT,	OPTION_UNIT_S },
+		{ 'u', 0, "replica-timeout",		&(config->replica_timeout),		SOURCE_CMDLINE,	SOURCE_DEFAULT,	OPTION_UNIT_MS },
 		/* other options */
 		{ 'U', 0, "system-identifier",		&(config->system_identifier),	SOURCE_FILE_STRICT },
 		/* archive options */
-		{ 'u', 0, "archive-timeout",		&(config->archive_timeout),		SOURCE_CMDLINE,	SOURCE_DEFAULT,	OPTION_UNIT_S },
+		{ 'u', 0, "archive-timeout",		&(config->archive_timeout),		SOURCE_CMDLINE,	SOURCE_DEFAULT,	OPTION_UNIT_MS },
 		{0}
 	};
 
@@ -373,13 +373,13 @@ show_configure_json(pgBackupConfig *config)
 					   true);
 
 	json_add_key(buf, "replica-timeout", json_level, true);
-	convert_from_base_unit_u(config->replica_timeout, OPTION_UNIT_S,
+	convert_from_base_unit_u(config->replica_timeout, OPTION_UNIT_MS,
 							 &res, &unit);
 	appendPQExpBuffer(buf, UINT64_FORMAT "%s", res, unit);
 
 	/* Archive parameters */
 	json_add_key(buf, "archive-timeout", json_level, true);
-	convert_from_base_unit_u(config->archive_timeout, OPTION_UNIT_S,
+	convert_from_base_unit_u(config->archive_timeout, OPTION_UNIT_MS,
 							 &res, &unit);
 	appendPQExpBuffer(buf, UINT64_FORMAT "%s", res, unit);
 
@@ -416,7 +416,7 @@ show_configure_json(pgBackupConfig *config)
 	appendPQExpBuffer(buf, UINT64_FORMAT "%s", res, (res)?unit:"KB");
 
 	json_add_key(buf, "log-rotation-age", json_level, true);
-	convert_from_base_unit_u(config->log_rotation_age, OPTION_UNIT_S,
+	convert_from_base_unit_u(config->log_rotation_age, OPTION_UNIT_MS,
 							 &res, &unit);
 	appendPQExpBuffer(buf, UINT64_FORMAT "%s", res, (res)?unit:"min");
 

src/pg_probackup.c

@@ -131,14 +131,14 @@ static pgut_option options[] =
 	{ 'f', 'b', "backup-mode",			opt_backup_mode,	SOURCE_CMDLINE },
 	{ 'b', 'C', "smooth-checkpoint",	&smooth_checkpoint,	SOURCE_CMDLINE },
 	{ 's', 'S', "slot",					&replication_slot,	SOURCE_CMDLINE },
-	{ 'u', 11, "archive-timeout",		&archive_timeout,	SOURCE_CMDLINE, SOURCE_DEFAULT,	OPTION_UNIT_S },
+	{ 'u', 11, "archive-timeout",		&archive_timeout,	SOURCE_CMDLINE, SOURCE_DEFAULT,	OPTION_UNIT_MS },
 	{ 'b', 12, "delete-wal",			&delete_wal,		SOURCE_CMDLINE },
 	{ 'b', 13, "delete-expired",		&delete_expired,	SOURCE_CMDLINE },
 	{ 's', 14, "master-db",				&master_db,			SOURCE_CMDLINE, },
 	{ 's', 15, "master-host",			&master_host,		SOURCE_CMDLINE, },
 	{ 's', 16, "master-port",			&master_port,		SOURCE_CMDLINE, },
 	{ 's', 17, "master-user",			&master_user,		SOURCE_CMDLINE, },
-	{ 'u', 18, "replica-timeout",		&replica_timeout,	SOURCE_CMDLINE,	SOURCE_DEFAULT,	OPTION_UNIT_S },
+	{ 'u', 18, "replica-timeout",		&replica_timeout,	SOURCE_CMDLINE,	SOURCE_DEFAULT,	OPTION_UNIT_MS },
 	/* TODO not completed feature. Make it unavailiable from user level
 	 { 'b', 18, "remote",				&is_remote_backup,	SOURCE_CMDLINE, }, */
 	/* restore options */
@@ -172,8 +172,8 @@ static pgut_option options[] =
 	{ 's', 142, "log-filename",			&log_filename,		SOURCE_CMDLINE },
 	{ 's', 143, "error-log-filename",	&error_log_filename, SOURCE_CMDLINE },
 	{ 's', 144, "log-directory",		&log_directory,		SOURCE_CMDLINE },
-	{ 'u', 145, "log-rotation-size",	&log_rotation_size,	SOURCE_CMDLINE,	SOURCE_DEFAULT,	OPTION_UNIT_KB },
-	{ 'u', 146, "log-rotation-age",		&log_rotation_age,	SOURCE_CMDLINE,	SOURCE_DEFAULT,	OPTION_UNIT_MIN },
+	{ 'U', 145, "log-rotation-size",	&log_rotation_size,	SOURCE_CMDLINE,	SOURCE_DEFAULT,	OPTION_UNIT_KB },
+	{ 'U', 146, "log-rotation-age",		&log_rotation_age,	SOURCE_CMDLINE,	SOURCE_DEFAULT,	OPTION_UNIT_MS },
 	/* connection options */
 	{ 's', 'd', "pgdatabase",			&pgut_dbname,		SOURCE_CMDLINE },
 	{ 's', 'h', "pghost",				&host,				SOURCE_CMDLINE },

src/pg_probackup.h

@@ -191,8 +191,8 @@ typedef struct pgBackupConfig
 	char	   *log_filename;
 	char	   *error_log_filename;
 	char	   *log_directory;
-	int			log_rotation_size;
-	int			log_rotation_age;
+	uint64		log_rotation_size;
+	uint64		log_rotation_age;
 
 	uint32		retention_redundancy;
 	uint32		retention_window;

src/utils/logger.c

@@ -32,9 +32,9 @@ char	   *log_directory = NULL;
 char		log_path[MAXPGPATH] = "";
 
 /* Maximum size of an individual log file in kilobytes */
-int			log_rotation_size = 0;
+uint64		log_rotation_size = 0;
 /* Maximum lifetime of an individual log file in minutes */
-int			log_rotation_age = 0;
+uint64		log_rotation_age = 0;
 
 /* Implementation for logging.h */
 

src/utils/logger.h

@@ -36,8 +36,8 @@ extern char			log_path[MAXPGPATH];
 
 #define LOG_ROTATION_SIZE_DEFAULT 0
 #define LOG_ROTATION_AGE_DEFAULT 0
-extern int			log_rotation_size;
-extern int			log_rotation_age;
+extern uint64		log_rotation_size;
+extern uint64		log_rotation_age;
 
 #define LOG_LEVEL_CONSOLE_DEFAULT INFO
 #define LOG_LEVEL_FILE_DEFAULT LOG_OFF

src/utils/pgut.c

@@ -19,15 +19,6 @@
 #include "logger.h"
 #include "pgut.h"
 
-/* old gcc doesn't have LLONG_MAX. */
-#ifndef LLONG_MAX
-#if defined(HAVE_LONG_INT_64) || !defined(HAVE_LONG_LONG_INT_64)
-#define LLONG_MAX		LONG_MAX
-#else
-#define LLONG_MAX		INT64CONST(0x7FFFFFFFFFFFFFFF)
-#endif
-#endif
-
 #define MAX_TZDISP_HOUR		15	/* maximum allowed hour part */
 #define SECS_PER_MINUTE		60
 #define MINS_PER_HOUR		60
@@ -303,7 +294,13 @@ convert_to_base_unit(int64 value, const char *unit,
 			if (table[i].multiplier < 0)
 				*base_value = value / (-table[i].multiplier);
 			else
+			{
+				/* Check for integer overflow first */
+				if (value > PG_INT64_MAX / table[i].multiplier)
+					return false;
+
 				*base_value = value * table[i].multiplier;
+			}
 			return true;
 		}
 	}
@@ -333,7 +330,13 @@ convert_to_base_unit_u(uint64 value, const char *unit,
 			if (table[i].multiplier < 0)
 				*base_value = value / (-table[i].multiplier);
 			else
+			{
+				/* Check for integer overflow first */
+				if (value > PG_UINT64_MAX / table[i].multiplier)
+					return false;
+
 				*base_value = value * table[i].multiplier;
+			}
 			return true;
 		}
 	}
@@ -371,6 +374,10 @@ convert_from_base_unit(int64 base_value, int base_unit,
 			 */
 			if (table[i].multiplier < 0)
 			{
+				/* Check for integer overflow first */
+				if (base_value > PG_INT64_MAX / (-table[i].multiplier))
+					continue;
+
 				*value = base_value * (-table[i].multiplier);
 				*unit = table[i].unit;
 				break;
@@ -415,6 +422,10 @@ convert_from_base_unit_u(uint64 base_value, int base_unit,
 			 */
 			if (table[i].multiplier < 0)
 			{
+				/* Check for integer overflow first */
+				if (base_value > PG_UINT64_MAX / (-table[i].multiplier))
+					continue;
+
 				*value = base_value * (-table[i].multiplier);
 				*unit = table[i].unit;
 				break;
@@ -612,7 +623,7 @@ parse_int32(const char *value, int32 *result, int flags)
 
 	if (strcmp(value, INFINITE_STR) == 0)
 	{
-		*result = INT_MAX;
+		*result = PG_INT32_MAX;
 		return true;
 	}
 
@@ -621,12 +632,17 @@ parse_int32(const char *value, int32 *result, int flags)
 	if (endptr == value || (*endptr && flags == 0))
 		return false;
 
+	/* Check for integer overflow */
 	if (errno == ERANGE || val != (int64) ((int32) val))
 		return false;
 
 	if (!parse_unit(endptr, flags, val, &val))
 		return false;
 
+	/* Check for integer overflow again */
+	if (val != (int64) ((int32) val))
+		return false;
+
 	*result = val;
 
 	return true;
@@ -644,7 +660,7 @@ parse_uint32(const char *value, uint32 *result, int flags)
 
 	if (strcmp(value, INFINITE_STR) == 0)
 	{
-		*result = UINT_MAX;
+		*result = PG_UINT32_MAX;
 		return true;
 	}
 
@@ -653,12 +669,17 @@ parse_uint32(const char *value, uint32 *result, int flags)
 	if (endptr == value || (*endptr && flags == 0))
 		return false;
 
+	/* Check for integer overflow */
 	if (errno == ERANGE || val != (uint64) ((uint32) val))
 		return false;
 
 	if (!parse_unit_u(endptr, flags, val, &val))
 		return false;
 
+	/* Check for integer overflow again */
+	if (val != (uint64) ((uint32) val))
+		return false;
+
 	*result = val;
 
 	return true;
@@ -676,7 +697,7 @@ parse_int64(const char *value, int64 *result, int flags)
 
 	if (strcmp(value, INFINITE_STR) == 0)
 	{
-		*result = LLONG_MAX;
+		*result = PG_INT64_MAX;
 		return true;
 	}
 
@@ -714,13 +735,7 @@ parse_uint64(const char *value, uint64 *result, int flags)
 
 	if (strcmp(value, INFINITE_STR) == 0)
 	{
-#if defined(HAVE_LONG_INT_64)
-		*result = ULONG_MAX;
-#elif defined(HAVE_LONG_LONG_INT_64)
-		*result = ULLONG_MAX;
-#else
-		*result = ULONG_MAX;
-#endif
+		*result = PG_UINT64_MAX;
 		return true;
 	}