Erik Wienhold <e...@ewie.name> writes:
> On 2024-05-20 03:26 +0200, jian he wrote:
>> /* Check parameter number is in range */
>> if (paramno <= 0 || paramno > MaxAllocSize / sizeof(Oid))
>> ereport(ERROR, ...
> Yes, it makes sense to show the upper bound. How about a hint such as
> "Valid parameters range from $%d to $%d."?
I kind of feel like this upper bound is ridiculous. In what scenario
is parameter 250000000 not a mistake, if not indeed somebody trying
to break the system?
The "Bind" protocol message only allows an int16 parameter count,
so rejecting parameter numbers above 32K would make sense to me.
regards, tom lane
