]> granicus.if.org Git - postgresql/commit
projects / postgresql / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 15e4d1e) | patch
Adjust datetime parsing to be more robust. We now pass the length of the
authorNeil Conway <neilc@samurai.com>
Thu, 26 May 2005 02:04:14 +0000 (02:04 +0000)
committerNeil Conway <neilc@samurai.com>
Thu, 26 May 2005 02:04:14 +0000 (02:04 +0000)
commit63e0d612f5a53d76218d4e59a35287391e284561
tree1acd1cc27ec9fd5855a6878f5f0d93f0683863e0tree | snapshot
parent15e4d1e2a7f565d805692daad895a07802279aeacommit | diff
Adjust datetime parsing to be more robust. We now pass the length of the
working buffer into ParseDateTime() and reject too-long input there,
rather than checking the length of the input string before calling
ParseDateTime(). The old method was bogus because ParseDateTime() can use
a variable amount of working space, depending on the content of the
input string (e.g. how many fields need to be NUL terminated). This fixes
a minor stack overrun -- I don't _think_ it's exploitable, although I
won't claim to be an expert.

Along the way, fix a bug reported by Mark Dilger: the working buffer
allocated by interval_in() was too short, which resulted in rejecting
some perfectly valid interval input values. I added a regression test for
this fix.
src/backend/utils/adt/date.c diff | blob | history
src/backend/utils/adt/datetime.c diff | blob | history
src/backend/utils/adt/nabstime.c diff | blob | history
src/backend/utils/adt/timestamp.c diff | blob | history
src/include/utils/datetime.h diff | blob | history
src/test/regress/expected/interval.out diff | blob | history
src/test/regress/sql/interval.sql diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.