From 3850d4dec1d91c4fdce274f42986840444d5593e Mon Sep 17 00:00:00 2001
From: Dean Rasheed
Date: Thu, 9 Nov 2023 12:10:14 +0000
Subject: Avoid integer overflow hazard in interval_time().

When casting an interval to a time, the original code suffered from
64-bit integer overflow for inputs with a sufficiently large negative
"time" field, leading to bogus results.

Fix by rewriting the algorithm in a simpler form, that more obviously
cannot overflow. While at it, improve the test coverage to include
negative interval inputs.

Discussion: https://postgr.es/m/CAEZATCXoUKHkcuq4q63hkiPsKZJd0kZWzgKtU%2BNT0aU4wbf_Pw%40mail.gmail.com
---
 src/backend/utils/adt/date.c | 15 +++------------
 1 file changed, 3 insertions(+), 12 deletions(-)

(limited to 'src/backend/utils')

diff --git a/src/backend/utils/adt/date.c b/src/backend/utils/adt/date.c
index 56c7746c11f..544e1d32bfc 100644
--- a/src/backend/utils/adt/date.c
+++ b/src/backend/utils/adt/date.c
@@ -2012,19 +2012,10 @@ interval_time(PG_FUNCTION_ARGS)
 {
 	Interval   *span = PG_GETARG_INTERVAL_P(0);
 	TimeADT		result;
-	int64		days;
 
-	result = span->time;
-	if (result >= USECS_PER_DAY)
-	{
-		days = result / USECS_PER_DAY;
-		result -= days * USECS_PER_DAY;
-	}
-	else if (result < 0)
-	{
-		days = (-result + USECS_PER_DAY - 1) / USECS_PER_DAY;
-		result += days * USECS_PER_DAY;
-	}
+	result = span->time % USECS_PER_DAY;
+	if (result < 0)
+		result += USECS_PER_DAY;
 
 	PG_RETURN_TIMEADT(result);
 }
-- 
cgit v1.2.3