sql: negative scale in pgwire binary decimal format crashes node

[DrewKimball]

With the following test case in TestPGTest:

send
Parse {"Name": "s1", "Query": "SELECT $1::decimal"}
Bind {"DestinationPortal": "p1", "PreparedStatement": "s1", "ParameterFormatCodes": [1], "Parameters": [{"binary":"000100010000FFF00001"}]}
Execute {"Portal": "p1"}
Sync
----

until
ReadyForQuery
----

And running that test against an active CRDB node:

./dev test pkg/sql/pgwire -f TestPGTest/_tmp --test-args "-addr=localhost:26257 -user=root"

You can crash the node with a slice out-of-bounds panic. The crash happens because the decimal decoding logic doesn't know how to handle a negative scale (the FFF0 part).

Jira issue: CRDB-57539

[blathers-crl]

Hi @DrewKimball, please add a branch-* label to identify the earliest affected branch for this C-bug

_{🦉 Hoot! I am a Blathers, a bot for CockroachDB. My owner is dev-inf.}

[dils2k]

@DrewKimball Should we add support for negative scale values or simply return an error whenever such a value is provided to prevent crash?

[DrewKimball]

@dils2k I think we should just return an error. IIRC, Postgres also returns an error for a negative scale in the binary format. If that's true, we should make sure to return the same error.