Re: BUG #14931: Unchecked attnum value in ATExecAlterColumnType()

bianpan2016@163.com writes:
> File: src/backend/commands/tablecmds.c
> Function: ATExecAlterColumnType
> Line: 8986

> The value of field attTup->attnum may be zero or even negative. However, in
> function ATExecAlterColumnType(), its value is incorrectly assumed to be
> larger than or equal to 1. In an exceptional case, it may lead to a buffer
> overflow bug (see lines 8989 and 8990).

I do not think this is a real problem, because ATPrepAlterColumnType
has already checked for attnum <= 0 (at line 8826, in HEAD).  If
ATExecAlterColumnType can't assume that ATPrepAlterColumnType has
already been run, we have more problems than this.

> I also collect a function (i.e. ATExecDropNotNull) in the same file as an
> example, shown as follows:

The division of labor between Prep and Exec functions isn't very uniform
in this file.  That may not be a great thing stylistically, but if we
decide it's something to improve, it'd have to be done holistically not
one point at a time.
        regards, tom lane