]> granicus.if.org Git - postgresql/commit
projects / postgresql / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 64a6285) | patch
Fix array overrun in ecpg's version of ParseDateTime().
authorTom Lane <tgl@sss.pgh.pa.us>
Tue, 7 Oct 2014 01:23:20 +0000 (21:23 -0400)
committerTom Lane <tgl@sss.pgh.pa.us>
Tue, 7 Oct 2014 01:23:50 +0000 (21:23 -0400)
commitd9a1e9de54747354073fdc3e9bfb45258533da4c
treed9d046bb2d21ba9ba80fd525d543cf59a913097dtree | snapshot
parent64a628576700f9a0afc67f062e8fedf1fe6c3a57commit | diff
Fix array overrun in ecpg's version of ParseDateTime().

The code wrote a value into the caller's field[] array before checking
to see if there was room, which of course is backwards.  Per report from
Michael Paquier.

I fixed the equivalent bug in the backend's version of this code way back
in 630684d3a130bb93, but failed to think about ecpg's copy.  Fortunately
this doesn't look like it would be exploitable for anything worse than a
core dump: an external attacker would have no control over the single word
that gets written.
src/interfaces/ecpg/pgtypeslib/dt_common.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.