]> granicus.if.org Git - postgresql/commit
projects / postgresql / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 6bc68af) | patch
Avoid potential buffer overflow crash
authorPeter Eisentraut <peter_e@gmx.net>
Sat, 23 Nov 2013 12:25:37 +0000 (07:25 -0500)
committerPeter Eisentraut <peter_e@gmx.net>
Sat, 23 Nov 2013 12:30:16 +0000 (07:30 -0500)
commit0f8ff3e467b2b52e8c0c44b01a1f9a4495949ba1
treef497893a0fee6d0b1ac947de564da9b879158797tree | snapshot
parent6bc68af1dc29db9afc49e77f70de0dec7653c8e5commit | diff
Avoid potential buffer overflow crash

A pointer to a C string was treated as a pointer to a "name" datum and
passed to SPI_execute_plan().  This pointer would then end up being
passed through datumCopy(), which would try to copy the entire 64 bytes
of name data, thus running past the end of the C string.  Fix by
converting the string to a proper name structure.

Found by LLVM AddressSanitizer.
src/backend/utils/adt/ruleutils.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.