Fix nbtree lookahead overflow bug. Add bounds checking to nbtree's lookahead/skip-within-a-page mechanism. Otherwise it's possible for cases with lots of before-array-keys tuples to overflow an int16 variable, causing the mechanism to generate an out of bounds page offset number.
Oversight in commit 5bf748b8, which enhanced nbtree ScalarArrayOp execution. Reported-By: Alexander Lakhin <exclus...@gmail.com> Discussion: https://postgr.es/m/6c68ac42-bbb5-8b24-103e-af0e279c5...@gmail.com Backpatch: 17-, where nbtree SAOP execution was enhanced. Branch ------ REL_17_STABLE Details ------- https://git.postgresql.org/pg/commitdiff/6749d4aabe74ca37ce351f2e318fe1b3bcf2b71c Modified Files -------------- src/backend/access/nbtree/nbtutils.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
