From 2f862972c965192d35ad8a9d2a7543f351828161 Mon Sep 17 00:00:00 2001
From: Daniele Varrazzo <daniele.varrazzo@gmail.com>
Date: Thu, 11 Sep 2014 01:06:57 +0100
Subject: [PATCH] Guard against overflows when using the lo32 api

If psycopg supports lo64 but the server doesn't the user may pass values
that would overflow the api range, resulting in:

    lo.seek((2<<30))
    *** OperationalError: ERROR:  invalid seek offset: -2147483648

Also improved the error messages and guard against INT_MIN for negative
seek offsets.
---
 psycopg/lobject_type.c | 35 ++++++++++++++++++++++++++++-------
 1 file changed, 28 insertions(+), 7 deletions(-)

diff --git a/psycopg/lobject_type.c b/psycopg/lobject_type.c
index a25240c1..ec95b5cf 100644
--- a/psycopg/lobject_type.c
+++ b/psycopg/lobject_type.c
@@ -175,10 +175,21 @@ psyco_lobj_seek(lobjectObject *self, PyObject *args)
     EXC_IF_LOBJ_LEVEL0(self);
     EXC_IF_LOBJ_UNMARKED(self);
 
-#ifndef HAVE_LO64
-    if (offset > INT_MAX) {
-        psyco_set_error(InterfaceError, NULL,
-            "offset out of range");
+#ifdef HAVE_LO64
+    if ((offset < INT_MIN || offset > INT_MAX)
+            && self->conn->server_version < 90300) {
+        PyErr_Format(NotSupportedError,
+            "offset out of range (%ld): server version %d "
+            "does not support the lobject 64 API",
+            offset, self->conn->server_version);
+        return NULL;
+    }
+#else
+    if (offset < INT_MIN || offset > INT_MAX) {
+        PyErr_Format(InterfaceError,
+            "offset out of range (%ld): this psycopg version was not built "
+            "with lobject 64 API support",
+            offset);
         return NULL;
     }
 #endif
@@ -272,10 +283,20 @@ psyco_lobj_truncate(lobjectObject *self, PyObject *args)
     EXC_IF_LOBJ_LEVEL0(self);
     EXC_IF_LOBJ_UNMARKED(self);
 
-#ifndef HAVE_LO64
+#ifdef HAVE_LO64
+    if (len > INT_MAX && self->conn->server_version < 90300) {
+        PyErr_Format(NotSupportedError,
+            "len out of range (%ld): server version %d "
+            "does not support the lobject 64 API",
+            len, self->conn->server_version);
+        return NULL;
+    }
+#else
     if (len > INT_MAX) {
-        psyco_set_error(InterfaceError, NULL,
-            "len out of range");
+        PyErr_Format(InterfaceError,
+            "len out of range (%ld): this psycopg version was not built "
+            "with lobject 64 API support",
+            len);
         return NULL;
     }
 #endif