.gitignore

@@ -1,4 +1,6 @@
-SOURCES/postgresql-10.23-US.pdf
-SOURCES/postgresql-10.23.tar.bz2
-SOURCES/postgresql-9.2.24.tar.bz2
-SOURCES/postgresql-setup-8.7.tar.gz
+/postgresql-10.23.tar.bz2
+/postgresql-10.23.tar.bz2.sha256
+/postgresql-9.2.24.tar.bz2
+/postgresql-9.2.24.tar.bz2.sha256
+/postgresql-setup-8.7.tar.gz
+/postgresql-10.23-US.pdf

.postgresql.metadata

@@ -1,4 +0,0 @@
-a416c245ff0815fbde534bc49b0a07ffdd373894 SOURCES/postgresql-10.23-US.pdf
-2df7b4b3751112f3cb543c3ea81e45531bebc7a1 SOURCES/postgresql-10.23.tar.bz2
-63d6966ccdbab6aae1f9754fdb8e341ada1ef653 SOURCES/postgresql-9.2.24.tar.bz2
-fb97095dc9648f9c31d58fcb406831da5e419ddf SOURCES/postgresql-setup-8.7.tar.gz

SOURCES/postgresql-10.23-CVE-2023-5869.patch

@@ -1,576 +0,0 @@
-From d267cea24ea346c739c85bf7bccbd8e8f59da6b3 Mon Sep 17 00:00:00 2001
-From: Tom Lane <tgl@sss.pgh.pa.us>
-Date: Mon, 6 Nov 2023 10:56:43 -0500
-Subject: [PATCH 1/1] Detect integer overflow while computing new array
- dimensions.
-
-array_set_element() and related functions allow an array to be
-enlarged by assigning to subscripts outside the current array bounds.
-While these places were careful to check that the new bounds are
-allowable, they neglected to consider the risk of integer overflow
-in computing the new bounds.  In edge cases, we could compute new
-bounds that are invalid but get past the subsequent checks,
-allowing bad things to happen.  Memory stomps that are potentially
-exploitable for arbitrary code execution are possible, and so is
-disclosure of server memory.
-
-To fix, perform the hazardous computations using overflow-detecting
-arithmetic routines, which fortunately exist in all still-supported
-branches.
-
-The test cases added for this generate (after patching) errors that
-mention the value of MaxArraySize, which is platform-dependent.
-Rather than introduce multiple expected-files, use psql's VERBOSITY
-parameter to suppress the printing of the message text.  v11 psql
-lacks that parameter, so omit the tests in that branch.
-
-Our thanks to Pedro Gallegos for reporting this problem.
-
-Security: CVE-2023-5869
-Sign-Off-By: Tianyue Lan <tianyue.lan@oracle.com>
-
----
- src/backend/utils/adt/arrayfuncs.c   | 85 ++++++++++++++++++++++------
- src/backend/utils/adt/arrayutils.c   |  6 --
- src/include/utils/array.h            |  7 +++
- src/test/regress/expected/arrays.out | 17 ++++++
- src/test/regress/sql/arrays.sql      | 19 +++++++
- src/include/common/int.h | 273 +++++++++++++++++++++++++++++++++++++++
- create mode 100644 src/include/common/int.h
- 6 files changed, 383 insertions(+), 24 deletions(-)
-
-diff --git a/src/backend/utils/adt/arrayfuncs.c b/src/backend/utils/adt/arrayfuncs.c
-index 553c517..7363893 100644
---- a/src/backend/utils/adt/arrayfuncs.c
-+++ b/src/backend/utils/adt/arrayfuncs.c
-@@ -22,6 +22,7 @@
- 
- #include "access/htup_details.h"
- #include "catalog/pg_type.h"
-+#include "common/int.h"
- #include "funcapi.h"
- #include "libpq/pqformat.h"
- #include "utils/array.h"
-@@ -2309,22 +2310,38 @@ array_set_element(Datum arraydatum,
- 	addedbefore = addedafter = 0;
- 
- 	/*
--	 * Check subscripts
-+	 * Check subscripts.  We assume the existing subscripts passed
-+	 * ArrayCheckBounds, so that dim[i] + lb[i] can be computed without
-+	 * overflow.  But we must beware of other overflows in our calculations of
-+	 * new dim[] values.
- 	 */
- 	if (ndim == 1)
- 	{
- 		if (indx[0] < lb[0])
- 		{
--			addedbefore = lb[0] - indx[0];
--			dim[0] += addedbefore;
-+			/* addedbefore = lb[0] - indx[0]; */
-+			/* dim[0] += addedbefore; */
-+			if (pg_sub_s32_overflow(lb[0], indx[0], &addedbefore) ||
-+				pg_add_s32_overflow(dim[0], addedbefore, &dim[0]))
-+				ereport(ERROR,
-+						(errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED),
-+						 errmsg("array size exceeds the maximum allowed (%d)",
-+								(int) MaxArraySize)));
- 			lb[0] = indx[0];
- 			if (addedbefore > 1)
- 				newhasnulls = true; /* will insert nulls */
- 		}
- 		if (indx[0] >= (dim[0] + lb[0]))
- 		{
--			addedafter = indx[0] - (dim[0] + lb[0]) + 1;
--			dim[0] += addedafter;
-+			/* addedafter = indx[0] - (dim[0] + lb[0]) + 1; */
-+			/* dim[0] += addedafter; */
-+			if (pg_sub_s32_overflow(indx[0], dim[0] + lb[0], &addedafter) ||
-+				pg_add_s32_overflow(addedafter, 1, &addedafter) ||
-+				pg_add_s32_overflow(dim[0], addedafter, &dim[0]))
-+				ereport(ERROR,
-+						(errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED),
-+						 errmsg("array size exceeds the maximum allowed (%d)",
-+								(int) MaxArraySize)));
- 			if (addedafter > 1)
- 				newhasnulls = true; /* will insert nulls */
- 		}
-@@ -2568,14 +2585,23 @@ array_set_element_expanded(Datum arraydatum,
- 	addedbefore = addedafter = 0;
- 
- 	/*
--	 * Check subscripts (this logic matches original array_set_element)
-+	 * Check subscripts (this logic must match array_set_element).  We assume
-+	 * the existing subscripts passed ArrayCheckBounds, so that dim[i] + lb[i]
-+	 * can be computed without overflow.  But we must beware of other
-+	 * overflows in our calculations of new dim[] values.
- 	 */
- 	if (ndim == 1)
- 	{
- 		if (indx[0] < lb[0])
- 		{
--			addedbefore = lb[0] - indx[0];
--			dim[0] += addedbefore;
-+			/* addedbefore = lb[0] - indx[0]; */
-+			/* dim[0] += addedbefore; */
-+			if (pg_sub_s32_overflow(lb[0], indx[0], &addedbefore) ||
-+				pg_add_s32_overflow(dim[0], addedbefore, &dim[0]))
-+				ereport(ERROR,
-+						(errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED),
-+						 errmsg("array size exceeds the maximum allowed (%d)",
-+								(int) MaxArraySize)));
- 			lb[0] = indx[0];
- 			dimschanged = true;
- 			if (addedbefore > 1)
-@@ -2583,8 +2609,15 @@ array_set_element_expanded(Datum arraydatum,
- 		}
- 		if (indx[0] >= (dim[0] + lb[0]))
- 		{
--			addedafter = indx[0] - (dim[0] + lb[0]) + 1;
--			dim[0] += addedafter;
-+			/* addedafter = indx[0] - (dim[0] + lb[0]) + 1; */
-+			/* dim[0] += addedafter; */
-+			if (pg_sub_s32_overflow(indx[0], dim[0] + lb[0], &addedafter) ||
-+				pg_add_s32_overflow(addedafter, 1, &addedafter) ||
-+				pg_add_s32_overflow(dim[0], addedafter, &dim[0]))
-+				ereport(ERROR,
-+						(errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED),
-+						 errmsg("array size exceeds the maximum allowed (%d)",
-+								(int) MaxArraySize)));
- 			dimschanged = true;
- 			if (addedafter > 1)
- 				newhasnulls = true; /* will insert nulls */
-@@ -2866,7 +2899,10 @@ array_set_slice(Datum arraydatum,
- 	addedbefore = addedafter = 0;
- 
- 	/*
--	 * Check subscripts
-+	 * Check subscripts.  We assume the existing subscripts passed
-+	 * ArrayCheckBounds, so that dim[i] + lb[i] can be computed without
-+	 * overflow.  But we must beware of other overflows in our calculations of
-+	 * new dim[] values.
- 	 */
- 	if (ndim == 1)
- 	{
-@@ -2881,18 +2917,31 @@ array_set_slice(Datum arraydatum,
- 					 errmsg("upper bound cannot be less than lower bound")));
- 		if (lowerIndx[0] < lb[0])
- 		{
--			if (upperIndx[0] < lb[0] - 1)
--				newhasnulls = true; /* will insert nulls */
--			addedbefore = lb[0] - lowerIndx[0];
--			dim[0] += addedbefore;
-+			/* addedbefore = lb[0] - lowerIndx[0]; */
-+			/* dim[0] += addedbefore; */
-+			if (pg_sub_s32_overflow(lb[0], lowerIndx[0], &addedbefore) ||
-+				pg_add_s32_overflow(dim[0], addedbefore, &dim[0]))
-+				ereport(ERROR,
-+						(errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED),
-+						 errmsg("array size exceeds the maximum allowed (%d)",
-+								(int) MaxArraySize)));
- 			lb[0] = lowerIndx[0];
-+			if (addedbefore > 1)
-+				newhasnulls = true; /* will insert nulls */
- 		}
- 		if (upperIndx[0] >= (dim[0] + lb[0]))
- 		{
--			if (lowerIndx[0] > (dim[0] + lb[0]))
-+			/* addedafter = upperIndx[0] - (dim[0] + lb[0]) + 1; */
-+			/* dim[0] += addedafter; */
-+			if (pg_sub_s32_overflow(upperIndx[0], dim[0] + lb[0], &addedafter) ||
-+				pg_add_s32_overflow(addedafter, 1, &addedafter) ||
-+				pg_add_s32_overflow(dim[0], addedafter, &dim[0]))
-+				ereport(ERROR,
-+						(errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED),
-+						 errmsg("array size exceeds the maximum allowed (%d)",
-+								(int) MaxArraySize)));
-+			if (addedafter > 1)
- 				newhasnulls = true; /* will insert nulls */
--			addedafter = upperIndx[0] - (dim[0] + lb[0]) + 1;
--			dim[0] += addedafter;
- 		}
- 	}
- 	else
-diff --git a/src/backend/utils/adt/arrayutils.c b/src/backend/utils/adt/arrayutils.c
-index f7c6a51..eb5f2a0 100644
---- a/src/backend/utils/adt/arrayutils.c
-+++ b/src/backend/utils/adt/arrayutils.c
-@@ -63,10 +63,6 @@ ArrayGetOffset0(int n, const int *tup, const int *scale)
-  * This must do overflow checking, since it is used to validate that a user
-  * dimensionality request doesn't overflow what we can handle.
-  *
-- * We limit array sizes to at most about a quarter billion elements,
-- * so that it's not necessary to check for overflow in quite so many
-- * places --- for instance when palloc'ing Datum arrays.
-- *
-  * The multiplication overflow check only works on machines that have int64
-  * arithmetic, but that is nearly all platforms these days, and doing check
-  * divides for those that don't seems way too expensive.
-@@ -77,8 +73,6 @@ ArrayGetNItems(int ndim, const int *dims)
- 	int32		ret;
- 	int			i;
- 
--#define MaxArraySize ((Size) (MaxAllocSize / sizeof(Datum)))
--
- 	if (ndim <= 0)
- 		return 0;
- 	ret = 1;
-diff --git a/src/include/utils/array.h b/src/include/utils/array.h
-index 905f6b0..3e4c09d 100644
---- a/src/include/utils/array.h
-+++ b/src/include/utils/array.h
-@@ -65,6 +65,13 @@
- #include "utils/expandeddatum.h"
- 
- 
-+/*
-+ * Maximum number of elements in an array.  We limit this to at most about a
-+ * quarter billion elements, so that it's not necessary to check for overflow
-+ * in quite so many places --- for instance when palloc'ing Datum arrays.
-+ */
-+#define MaxArraySize ((Size) (MaxAllocSize / sizeof(Datum)))
-+
- /*
-  * Arrays are varlena objects, so must meet the varlena convention that
-  * the first int32 of the object contains the total object size in bytes.
-diff --git a/src/test/regress/expected/arrays.out b/src/test/regress/expected/arrays.out
-index c730563..e4ec394 100644
---- a/src/test/regress/expected/arrays.out
-+++ b/src/test/regress/expected/arrays.out
-@@ -1347,6 +1347,23 @@ insert into arr_pk_tbl(pk, f1[1:2]) values (1, '{6,7,8}') on conflict (pk)
- -- then you didn't get an indexscan plan, and something is busted.
- reset enable_seqscan;
- reset enable_bitmapscan;
-+-- test subscript overflow detection
-+-- The normal error message includes a platform-dependent limit,
-+-- so suppress it to avoid needing multiple expected-files.
-+\set VERBOSITY terse
-+insert into arr_pk_tbl values(10, '[-2147483648:-2147483647]={1,2}');
-+update arr_pk_tbl set f1[2147483647] = 42 where pk = 10;
-+ERROR:  array size exceeds the maximum allowed (134217727)
-+update arr_pk_tbl set f1[2147483646:2147483647] = array[4,2] where pk = 10;
-+ERROR:  array size exceeds the maximum allowed (134217727)
-+-- also exercise the expanded-array case
-+do $$ declare a int[];
-+begin
-+  a := '[-2147483648:-2147483647]={1,2}'::int[];
-+  a[2147483647] := 42;
-+end $$;
-+ERROR:  array size exceeds the maximum allowed (134217727)
-+\set VERBOSITY default
- -- test [not] (like|ilike) (any|all) (...)
- select 'foo' like any (array['%a', '%o']); -- t
-  ?column? 
-diff --git a/src/test/regress/sql/arrays.sql b/src/test/regress/sql/arrays.sql
-index 25dd4e2..4ad6e55 100644
---- a/src/test/regress/sql/arrays.sql
-+++ b/src/test/regress/sql/arrays.sql
-@@ -407,6 +407,25 @@ insert into arr_pk_tbl(pk, f1[1:2]) values (1, '{6,7,8}') on conflict (pk)
- reset enable_seqscan;
- reset enable_bitmapscan;
- 
-+-- test subscript overflow detection
-+
-+-- The normal error message includes a platform-dependent limit,
-+-- so suppress it to avoid needing multiple expected-files.
-+\set VERBOSITY terse
-+
-+insert into arr_pk_tbl values(10, '[-2147483648:-2147483647]={1,2}');
-+update arr_pk_tbl set f1[2147483647] = 42 where pk = 10;
-+update arr_pk_tbl set f1[2147483646:2147483647] = array[4,2] where pk = 10;
-+
-+-- also exercise the expanded-array case
-+do $$ declare a int[];
-+begin
-+  a := '[-2147483648:-2147483647]={1,2}'::int[];
-+  a[2147483647] := 42;
-+end $$;
-+
-+\set VERBOSITY default
-+
- -- test [not] (like|ilike) (any|all) (...)
- select 'foo' like any (array['%a', '%o']); -- t
- select 'foo' like any (array['%a', '%b']); -- f
-
-diff --git a/src/include/common/int.h b/src/include/common/int.h
-new file mode 100644
-index 0000000..d754798
---- /dev/null
-+++ b/src/include/common/int.h
-@@ -0,0 +1,273 @@
-+/*-------------------------------------------------------------------------
-+ *
-+ * int.h
-+ *	  Routines to perform integer math, while checking for overflows.
-+ *
-+ * The routines in this file are intended to be well defined C, without
-+ * relying on compiler flags like -fwrapv.
-+ *
-+ * To reduce the overhead of these routines try to use compiler intrinsics
-+ * where available. That's not that important for the 16, 32 bit cases, but
-+ * the 64 bit cases can be considerably faster with intrinsics. In case no
-+ * intrinsics are available 128 bit math is used where available.
-+ *
-+ * Copyright (c) 2017-2019, PostgreSQL Global Development Group
-+ *
-+ * src/include/common/int.h
-+ *
-+ *-------------------------------------------------------------------------
-+ */
-+#ifndef COMMON_INT_H
-+#define COMMON_INT_H
-+
-+/*
-+ * If a + b overflows, return true, otherwise store the result of a + b into
-+ * *result. The content of *result is implementation defined in case of
-+ * overflow.
-+ */
-+static inline bool
-+pg_add_s16_overflow(int16 a, int16 b, int16 *result)
-+{
-+#if defined(HAVE__BUILTIN_OP_OVERFLOW)
-+	return __builtin_add_overflow(a, b, result);
-+#else
-+	int32		res = (int32) a + (int32) b;
-+
-+	if (res > PG_INT16_MAX || res < PG_INT16_MIN)
-+	{
-+		*result = 0x5EED;		/* to avoid spurious warnings */
-+		return true;
-+	}
-+	*result = (int16) res;
-+	return false;
-+#endif
-+}
-+
-+/*
-+ * If a - b overflows, return true, otherwise store the result of a - b into
-+ * *result. The content of *result is implementation defined in case of
-+ * overflow.
-+ */
-+static inline bool
-+pg_sub_s16_overflow(int16 a, int16 b, int16 *result)
-+{
-+#if defined(HAVE__BUILTIN_OP_OVERFLOW)
-+	return __builtin_sub_overflow(a, b, result);
-+#else
-+	int32		res = (int32) a - (int32) b;
-+
-+	if (res > PG_INT16_MAX || res < PG_INT16_MIN)
-+	{
-+		*result = 0x5EED;		/* to avoid spurious warnings */
-+		return true;
-+	}
-+	*result = (int16) res;
-+	return false;
-+#endif
-+}
-+
-+/*
-+ * If a * b overflows, return true, otherwise store the result of a * b into
-+ * *result. The content of *result is implementation defined in case of
-+ * overflow.
-+ */
-+static inline bool
-+pg_mul_s16_overflow(int16 a, int16 b, int16 *result)
-+{
-+#if defined(HAVE__BUILTIN_OP_OVERFLOW)
-+	return __builtin_mul_overflow(a, b, result);
-+#else
-+	int32		res = (int32) a * (int32) b;
-+
-+	if (res > PG_INT16_MAX || res < PG_INT16_MIN)
-+	{
-+		*result = 0x5EED;		/* to avoid spurious warnings */
-+		return true;
-+	}
-+	*result = (int16) res;
-+	return false;
-+#endif
-+}
-+
-+/*
-+ * If a + b overflows, return true, otherwise store the result of a + b into
-+ * *result. The content of *result is implementation defined in case of
-+ * overflow.
-+ */
-+static inline bool
-+pg_add_s32_overflow(int32 a, int32 b, int32 *result)
-+{
-+#if defined(HAVE__BUILTIN_OP_OVERFLOW)
-+	return __builtin_add_overflow(a, b, result);
-+#else
-+	int64		res = (int64) a + (int64) b;
-+
-+	if (res > PG_INT32_MAX || res < PG_INT32_MIN)
-+	{
-+		*result = 0x5EED;		/* to avoid spurious warnings */
-+		return true;
-+	}
-+	*result = (int32) res;
-+	return false;
-+#endif
-+}
-+
-+/*
-+ * If a - b overflows, return true, otherwise store the result of a - b into
-+ * *result. The content of *result is implementation defined in case of
-+ * overflow.
-+ */
-+static inline bool
-+pg_sub_s32_overflow(int32 a, int32 b, int32 *result)
-+{
-+#if defined(HAVE__BUILTIN_OP_OVERFLOW)
-+	return __builtin_sub_overflow(a, b, result);
-+#else
-+	int64		res = (int64) a - (int64) b;
-+
-+	if (res > PG_INT32_MAX || res < PG_INT32_MIN)
-+	{
-+		*result = 0x5EED;		/* to avoid spurious warnings */
-+		return true;
-+	}
-+	*result = (int32) res;
-+	return false;
-+#endif
-+}
-+
-+/*
-+ * If a * b overflows, return true, otherwise store the result of a * b into
-+ * *result. The content of *result is implementation defined in case of
-+ * overflow.
-+ */
-+static inline bool
-+pg_mul_s32_overflow(int32 a, int32 b, int32 *result)
-+{
-+#if defined(HAVE__BUILTIN_OP_OVERFLOW)
-+	return __builtin_mul_overflow(a, b, result);
-+#else
-+	int64		res = (int64) a * (int64) b;
-+
-+	if (res > PG_INT32_MAX || res < PG_INT32_MIN)
-+	{
-+		*result = 0x5EED;		/* to avoid spurious warnings */
-+		return true;
-+	}
-+	*result = (int32) res;
-+	return false;
-+#endif
-+}
-+
-+/*
-+ * If a + b overflows, return true, otherwise store the result of a + b into
-+ * *result. The content of *result is implementation defined in case of
-+ * overflow.
-+ */
-+static inline bool
-+pg_add_s64_overflow(int64 a, int64 b, int64 *result)
-+{
-+#if defined(HAVE__BUILTIN_OP_OVERFLOW)
-+	return __builtin_add_overflow(a, b, result);
-+#elif defined(HAVE_INT128)
-+	int128		res = (int128) a + (int128) b;
-+
-+	if (res > PG_INT64_MAX || res < PG_INT64_MIN)
-+	{
-+		*result = 0x5EED;		/* to avoid spurious warnings */
-+		return true;
-+	}
-+	*result = (int64) res;
-+	return false;
-+#else
-+	if ((a > 0 && b > 0 && a > PG_INT64_MAX - b) ||
-+		(a < 0 && b < 0 && a < PG_INT64_MIN - b))
-+	{
-+		*result = 0x5EED;		/* to avoid spurious warnings */
-+		return true;
-+	}
-+	*result = a + b;
-+	return false;
-+#endif
-+}
-+
-+/*
-+ * If a - b overflows, return true, otherwise store the result of a - b into
-+ * *result. The content of *result is implementation defined in case of
-+ * overflow.
-+ */
-+static inline bool
-+pg_sub_s64_overflow(int64 a, int64 b, int64 *result)
-+{
-+#if defined(HAVE__BUILTIN_OP_OVERFLOW)
-+	return __builtin_sub_overflow(a, b, result);
-+#elif defined(HAVE_INT128)
-+	int128		res = (int128) a - (int128) b;
-+
-+	if (res > PG_INT64_MAX || res < PG_INT64_MIN)
-+	{
-+		*result = 0x5EED;		/* to avoid spurious warnings */
-+		return true;
-+	}
-+	*result = (int64) res;
-+	return false;
-+#else
-+	if ((a < 0 && b > 0 && a < PG_INT64_MIN + b) ||
-+		(a > 0 && b < 0 && a > PG_INT64_MAX + b))
-+	{
-+		*result = 0x5EED;		/* to avoid spurious warnings */
-+		return true;
-+	}
-+	*result = a - b;
-+	return false;
-+#endif
-+}
-+
-+/*
-+ * If a * b overflows, return true, otherwise store the result of a * b into
-+ * *result. The content of *result is implementation defined in case of
-+ * overflow.
-+ */
-+static inline bool
-+pg_mul_s64_overflow(int64 a, int64 b, int64 *result)
-+{
-+#if defined(HAVE__BUILTIN_OP_OVERFLOW)
-+	return __builtin_mul_overflow(a, b, result);
-+#elif defined(HAVE_INT128)
-+	int128		res = (int128) a * (int128) b;
-+
-+	if (res > PG_INT64_MAX || res < PG_INT64_MIN)
-+	{
-+		*result = 0x5EED;		/* to avoid spurious warnings */
-+		return true;
-+	}
-+	*result = (int64) res;
-+	return false;
-+#else
-+	/*
-+	 * Overflow can only happen if at least one value is outside the range
-+	 * sqrt(min)..sqrt(max) so check that first as the division can be quite a
-+	 * bit more expensive than the multiplication.
-+	 *
-+	 * Multiplying by 0 or 1 can't overflow of course and checking for 0
-+	 * separately avoids any risk of dividing by 0.  Be careful about dividing
-+	 * INT_MIN by -1 also, note reversing the a and b to ensure we're always
-+	 * dividing it by a positive value.
-+	 *
-+	 */
-+	if ((a > PG_INT32_MAX || a < PG_INT32_MIN ||
-+		 b > PG_INT32_MAX || b < PG_INT32_MIN) &&
-+		a != 0 && a != 1 && b != 0 && b != 1 &&
-+		((a > 0 && b > 0 && a > PG_INT64_MAX / b) ||
-+		 (a > 0 && b < 0 && b < PG_INT64_MIN / a) ||
-+		 (a < 0 && b > 0 && a < PG_INT64_MIN / b) ||
-+		 (a < 0 && b < 0 && a < PG_INT64_MAX / b)))
-+	{
-+		*result = 0x5EED;		/* to avoid spurious warnings */
-+		return true;
-+	}
-+	*result = a * b;
-+	return false;
-+#endif
-+}
-+
-+#endif							/* COMMON_INT_H */
--- 
-2.39.3
-

SOURCES/postgresql-10.23.tar.bz2.sha256

@@ -1 +0,0 @@
-94a4b2528372458e5662c18d406629266667c437198160a18cdfd2c4a4d6eee9  postgresql-10.23.tar.bz2

SOURCES/postgresql-9.2.24.tar.bz2.sha256

@@ -1 +0,0 @@
-a754c02f7051c2f21e52f8669a421b50485afcde9a581674d6106326b189d126  postgresql-9.2.24.tar.bz2

generate-sources-and-gitignore.sh

@@ -0,0 +1,13 @@
+#! /bin/sh
+
+rm sources .gitignore
+set -e
+spectool -S *.spec | cut -d' ' -f2 \
+    | grep -E -e 'postgresql-.*\.tar\.*' -e 'postgresql.*\.pdf' | sort | \
+while read line
+do
+    base=`basename "$line"`
+    echo " * handling $base"
+    sha512sum --tag "$base" >> sources
+    echo "/$base" >> .gitignore
+done

hstore-plperl-data-dumper.patch

@@ -0,0 +1,192 @@
+From 69db3b0cfccc0687dfbdf56afcfb2f8e536053c6 Mon Sep 17 00:00:00 2001
+From: Andrew Dunstan <andrew@dunslane.net>
+Date: Sun, 14 May 2017 01:10:18 -0400
+Subject: [PATCH] Suppress indentation from Data::Dumper in regression tests
+
+Ultra-modern versions of the perl Data::Dumper module have apparently
+changed how they indent output. Instead of trying to keep up we choose
+to tell it to supporess all indentation in the hstore_plperl regression
+tests.
+
+Backpatch to 9.5 where this feature was introduced.
+---
+ contrib/hstore_plperl/expected/hstore_plperlu.out | 44 ++++++-----------------
+ contrib/hstore_plperl/sql/hstore_plperlu.sql      |  6 ++++
+ 2 files changed, 17 insertions(+), 33 deletions(-)
+
+diff --git a/contrib/hstore_plperl/expected/hstore_plperlu.out b/contrib/hstore_plperl/expected/hstore_plperlu.out
+index b09fb78..d719d29 100644
+--- a/contrib/hstore_plperl/expected/hstore_plperlu.out
++++ b/contrib/hstore_plperl/expected/hstore_plperlu.out
+@@ -20,15 +20,12 @@ TRANSFORM FOR TYPE hstore
+ AS $$
+ use Data::Dumper;
+ $Data::Dumper::Sortkeys = 1;
++$Data::Dumper::Indent = 0;
+ elog(INFO, Dumper($_[0]));
+ return scalar(keys %{$_[0]});
+ $$;
+ SELECT test1('aa=>bb, cc=>NULL'::hstore);
+-INFO:  $VAR1 = {
+-          'aa' => 'bb',
+-          'cc' => undef
+-        };
+-
++INFO:  $VAR1 = {'aa' => 'bb','cc' => undef};
+  test1 
+ -------
+      2
+@@ -39,12 +36,12 @@ LANGUAGE plperlu
+ AS $$
+ use Data::Dumper;
+ $Data::Dumper::Sortkeys = 1;
++$Data::Dumper::Indent = 0;
+ elog(INFO, Dumper($_[0]));
+ return scalar(keys %{$_[0]});
+ $$;
+ SELECT test1none('aa=>bb, cc=>NULL'::hstore);
+ INFO:  $VAR1 = '"aa"=>"bb", "cc"=>NULL';
+-
+  test1none 
+ -----------
+          0
+@@ -56,15 +53,12 @@ TRANSFORM FOR TYPE hstore
+ AS $$
+ use Data::Dumper;
+ $Data::Dumper::Sortkeys = 1;
++$Data::Dumper::Indent = 0;
+ elog(INFO, Dumper($_[0]));
+ return scalar(keys %{$_[0]});
+ $$;
+ SELECT test1list('aa=>bb, cc=>NULL'::hstore);
+-INFO:  $VAR1 = {
+-          'aa' => 'bb',
+-          'cc' => undef
+-        };
+-
++INFO:  $VAR1 = {'aa' => 'bb','cc' => undef};
+  test1list 
+ -----------
+          2
+@@ -77,18 +71,12 @@ TRANSFORM FOR TYPE hstore
+ AS $$
+ use Data::Dumper;
+ $Data::Dumper::Sortkeys = 1;
++$Data::Dumper::Indent = 0;
+ elog(INFO, Dumper($_[0]->[0], $_[0]->[1]));
+ return scalar(keys %{$_[0]});
+ $$;
+ SELECT test1arr(array['aa=>bb, cc=>NULL'::hstore, 'dd=>ee']);
+-INFO:  $VAR1 = {
+-          'aa' => 'bb',
+-          'cc' => undef
+-        };
+-$VAR2 = {
+-          'dd' => 'ee'
+-        };
+-
++INFO:  $VAR1 = {'aa' => 'bb','cc' => undef};$VAR2 = {'dd' => 'ee'};
+  test1arr 
+ ----------
+         2
+@@ -101,6 +89,7 @@ TRANSFORM FOR TYPE hstore
+ AS $$
+ use Data::Dumper;
+ $Data::Dumper::Sortkeys = 1;
++$Data::Dumper::Indent = 0;
+ 
+ $rv = spi_exec_query(q{SELECT 'aa=>bb, cc=>NULL'::hstore AS col1});
+ elog(INFO, Dumper($rv->{rows}[0]->{col1}));
+@@ -111,13 +100,8 @@ $rv = spi_exec_prepared($plan, {}, $val);
+ elog(INFO, Dumper($rv->{rows}[0]->{col1}));
+ $$;
+ SELECT test3();
+-INFO:  $VAR1 = {
+-          'aa' => 'bb',
+-          'cc' => undef
+-        };
+-
++INFO:  $VAR1 = {'aa' => 'bb','cc' => undef};
+ INFO:  $VAR1 = '"a"=>"1", "b"=>"boo", "c"=>NULL';
+-
+  test3 
+ -------
+  
+@@ -138,6 +122,7 @@ TRANSFORM FOR TYPE hstore
+ AS $$
+ use Data::Dumper;
+ $Data::Dumper::Sortkeys = 1;
++$Data::Dumper::Indent = 0;
+ elog(INFO, Dumper($_TD->{new}));
+ if ($_TD->{new}{a} == 1) {
+     $_TD->{new}{b} = {a => 1, b => 'boo', c => undef};
+@@ -147,14 +132,7 @@ return "MODIFY";
+ $$;
+ CREATE TRIGGER test4 BEFORE UPDATE ON test1 FOR EACH ROW EXECUTE PROCEDURE test4();
+ UPDATE test1 SET a = a;
+-INFO:  $VAR1 = {
+-          'a' => '1',
+-          'b' => {
+-                 'aa' => 'bb',
+-                 'cc' => undef
+-               }
+-        };
+-
++INFO:  $VAR1 = {'a' => '1','b' => {'aa' => 'bb','cc' => undef}};
+ SELECT * FROM test1;
+  a |                b                
+ ---+---------------------------------
+diff --git a/contrib/hstore_plperl/sql/hstore_plperlu.sql b/contrib/hstore_plperl/sql/hstore_plperlu.sql
+index 8d8508c..c714b35 100644
+--- a/contrib/hstore_plperl/sql/hstore_plperlu.sql
++++ b/contrib/hstore_plperl/sql/hstore_plperlu.sql
+@@ -15,6 +15,7 @@ TRANSFORM FOR TYPE hstore
+ AS $$
+ use Data::Dumper;
+ $Data::Dumper::Sortkeys = 1;
++$Data::Dumper::Indent = 0;
+ elog(INFO, Dumper($_[0]));
+ return scalar(keys %{$_[0]});
+ $$;
+@@ -26,6 +27,7 @@ LANGUAGE plperlu
+ AS $$
+ use Data::Dumper;
+ $Data::Dumper::Sortkeys = 1;
++$Data::Dumper::Indent = 0;
+ elog(INFO, Dumper($_[0]));
+ return scalar(keys %{$_[0]});
+ $$;
+@@ -38,6 +40,7 @@ TRANSFORM FOR TYPE hstore
+ AS $$
+ use Data::Dumper;
+ $Data::Dumper::Sortkeys = 1;
++$Data::Dumper::Indent = 0;
+ elog(INFO, Dumper($_[0]));
+ return scalar(keys %{$_[0]});
+ $$;
+@@ -52,6 +55,7 @@ TRANSFORM FOR TYPE hstore
+ AS $$
+ use Data::Dumper;
+ $Data::Dumper::Sortkeys = 1;
++$Data::Dumper::Indent = 0;
+ elog(INFO, Dumper($_[0]->[0], $_[0]->[1]));
+ return scalar(keys %{$_[0]});
+ $$;
+@@ -66,6 +70,7 @@ TRANSFORM FOR TYPE hstore
+ AS $$
+ use Data::Dumper;
+ $Data::Dumper::Sortkeys = 1;
++$Data::Dumper::Indent = 0;
+ 
+ $rv = spi_exec_query(q{SELECT 'aa=>bb, cc=>NULL'::hstore AS col1});
+ elog(INFO, Dumper($rv->{rows}[0]->{col1}));
+@@ -90,6 +95,7 @@ TRANSFORM FOR TYPE hstore
+ AS $$
+ use Data::Dumper;
+ $Data::Dumper::Sortkeys = 1;
++$Data::Dumper::Indent = 0;
+ elog(INFO, Dumper($_TD->{new}));
+ if ($_TD->{new}{a} == 1) {
+     $_TD->{new}{b} = {a => 1, b => 'boo', c => undef};
+-- 
+2.1.4

postgresql.spec

@@ -59,7 +59,7 @@ Summary: PostgreSQL client programs
 Name: postgresql
 %global majorversion 10
 Version: %{majorversion}.23
-Release: 3%{?dist}
+Release: 2%{?dist}
 
 # The PostgreSQL license is very similar to other MIT licenses, but the OSI
 # recognizes it as an independent license, so we do as well.
@@ -110,7 +110,6 @@ Patch9: postgresql-server-pg_config.patch
 Patch10: postgresql-10.15-contrib-dblink-expected-out.patch
 Patch11: postgresql-10.23-CVE-2023-2454.patch
 Patch12: postgresql-10.23-CVE-2023-2455.patch
-Patch13: postgresql-10.23-CVE-2023-5869.patch
 
 BuildRequires: gcc
 BuildRequires: perl(ExtUtils::MakeMaker) glibc-devel bison flex gawk
@@ -372,7 +371,6 @@ benchmarks.
 %patch10 -p1
 %patch11 -p1
 %patch12 -p1
-%patch13 -p1
 
 # We used to run autoconf here, but there's no longer any real need to,
 # since Postgres ships with a reasonably modern configure script.
@@ -1177,12 +1175,6 @@ make -C postgresql-setup-%{setup_version} check
 
 
 %changelog
-* Mon Dec 18 2023 Lubos Kloucek <lubos.kloucek@oracle.com> - 10.23-3
-- Resolves: CVE-2023-5869
-
-* Tue Aug 08 2023 David Sloboda <david.x.sloboda@oracle.com> - 10.23-2.0.1
-- Fixed postgresql port binding issue during bootup [Orabug: 35103668]
-
 * Wed Jul 19 2023 Dominik Rehák <drehak@redhat.com> - 10.23-2
 - Backport fixes for CVE-2023-2454 and CVE-2023-2455
 - Update postgresql-setup to 8.7 (https://github.com/devexp-db/postgresql-setup/pull/35)

sources

@@ -0,0 +1,6 @@
+SHA512 (postgresql-10.23.tar.bz2) = 9fd031cad0c3caacae105215167abd5dc4fdd15dea77a12cb0a977fab6e245e3fda163f202cc7786e50c69e5c3f180d32676a3b18ea30a9a14f0bcab56aa19dd
+SHA512 (postgresql-10.23.tar.bz2.sha256) = 1b8f25bb914b9c87679ff688625889a96f2e0e836a9fd0f19dcdf4e74798d96980cb09cb485cff7069b9fe6b9d5c03e162eac9d0ecb205e8e3f0d83358f641d2
+SHA512 (postgresql-9.2.24.tar.bz2) = a6f043e5ef5e12e23c1c43b26a5ecafce62f3a86f38b5b85e7cb0cb7aa376d40e460a526baf67ae40de40525e4744fb5e48650ee5e007db4ce9742fcf548bd56
+SHA512 (postgresql-9.2.24.tar.bz2.sha256) = 04e5ce7b8a4f8ef281cd3f59e18f41974356e92775c459de61383ba6254d84cb21a7d3a3506ec5416fc3e5090535d5961d9cc7cbe04591217aa9b9e142418170
+SHA512 (postgresql-setup-8.7.tar.gz) = 741f036be517e7d9725e4f146ca7dac8b8a16b6a93d045a64ef268487f48faad6b08317b58e07ad16a31002d2a10de0ac32513a4935c3f22f48ec768a742d1fc
+SHA512 (postgresql-10.23-US.pdf) = 561a7a0ebe539e7f4d7dff890fa14ac0d61e3e5a1a96b99304208208460d9d4d037e2d74766ae071ecbf3ecb22cee24b06b73226c4eafb5c5bb51896cbf441eb