Minor binary-search int overflow in timezone code
From | Christoph Berg |
---|---|
Subject | Minor binary-search int overflow in timezone code |
Date | |
Msg-id | 20141215111754.GF6506@msg.df7cb.de |
Replies | Re: Minor binary-search int overflow in timezone code |
List | pgsql-hackers |
Hi,

a fellow Debian Developer found a minor glitch in src/timezone/localtime.c, where binary search is used. Now I don't think there is an actual problem (unless there's > 2^30 timezones), but it would at least make sense to mark the code as okayish so that people running code scanners won't stumble over the issue again.

The attached patch added comments to address this.

Date: Sun, 30 Nov 2014 22:06:42 +0100
From: Niels Thykier <niels@thykier.net>
Reply-To: Niels Thykier <niels@thykier.net>, 771580@bugs.debian.org
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: [Pkg-postgresql-public] Bug#771580: postgresql-9.4: Minor binary-search int overflow

Source: postgresql-9.4
Version: 9.4~rc1-1
Severity: minor

Hi,

I stumbled on the following snippet from src/timezone/localtime.c, function pg_interpret_timezone_abbrev:

    {
        int lo = 0;
        int hi = sp->timecnt;

        while (lo < hi)
        {
            int mid = (lo + hi) >> 1;
                       ^^^^^^^

This looks like it is subject to a known int overflow, when (original) hi is close to INT_MAX and the item being close to the end of the array.

~Niels

[The original report had a link here to the googleresearch blog, but the PG list servers think it is spam :(]
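The midpoint issue raised in the report above, as an added example that is not part of the original message or of the PostgreSQL source: it shows that `lo + hi` only exceeds INT_MAX once the indices pass 2^30, and the `lo + (hi - lo) / 2` form that avoids the overflow. The function names, the loop body of the search and the sample array are assumptions made for illustration.

```c
#include <limits.h>
#include <stdint.h>
#include <stdio.h>

/* 1 if the naive midpoint (lo + hi) >> 1 would overflow int. The sum is
 * formed in 64 bits so the check itself never overflows. */
int naive_mid_overflows(int lo, int hi)
{
    return (int64_t) lo + (int64_t) hi > INT_MAX;
}

/* Overflow-safe midpoint for 0 <= lo <= hi: hi - lo always fits in int. */
int safe_mid(int lo, int hi)
{
    return lo + ((hi - lo) >> 1);
}

/* Assumed search shape (hypothetical helper): index of the first entry of
 * the sorted array trans[0..count) that is greater than t, or count. */
int first_after(const int64_t *trans, int count, int64_t t)
{
    int lo = 0;
    int hi = count;

    while (lo < hi)
    {
        int mid = safe_mid(lo, hi);

        if (t < trans[mid])
            hi = mid;
        else
            lo = mid + 1;
    }
    return lo;
}

int main(void)
{
    /* Constructed sample data, not real transition times. */
    const int64_t trans[] = {10, 20, 30, 40};

    printf("first_after(25) = %d\n", first_after(trans, 4, 25));
    printf("overflow at lo = hi = 2^30: %d\n",
           naive_mid_overflows(1 << 30, 1 << 30));
    printf("safe_mid(INT_MAX - 1, INT_MAX) = %d\n",
           safe_mid(INT_MAX - 1, INT_MAX));
    return 0;
}
```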