Back-patch Neil's four additional buffer overrun checks.

author Tom Lane <tgl@sss.pgh.pa.us>

Tue, 8 Feb 2005 18:22:45 +0000 (18:22 +0000)

committer Tom Lane <tgl@sss.pgh.pa.us>

Tue, 8 Feb 2005 18:22:45 +0000 (18:22 +0000)
author Tom Lane <tgl@sss.pgh.pa.us>
Tue, 8 Feb 2005 18:22:45 +0000 (18:22 +0000)
committer Tom Lane <tgl@sss.pgh.pa.us>
Tue, 8 Feb 2005 18:22:45 +0000 (18:22 +0000)
diff --git a/src/pl/plpgsql/src/gram.y b/src/pl/plpgsql/src/gram.y

index 30cc0e928954c5ee38bb1a6297eacd05cbf5348b..03babed2a173de0ed8b009a94542b7928142db36 100644 (file)
--- a/src/pl/plpgsql/src/gram.y
+++ b/src/pl/plpgsql/src/gram.y
@@ -4,7 +4,7 @@
   *                                               procedural language
   *
   * IDENTIFICATION
- *       $Header: /cvsroot/pgsql/src/pl/plpgsql/src/gram.y,v 1.39.2.1 2005/01/27 01:44:42 neilc Exp $
+ *       $Header: /cvsroot/pgsql/src/pl/plpgsql/src/gram.y,v 1.39.2.2 2005/02/08 18:22:45 tgl Exp $
   *
   *       This software is copyrighted by Jan Wieck - Hamburg.
   *
@@ -1612,6 +1612,14 @@ read_sql_construct(int until,
                 }
                 if (plpgsql_SpaceScanned)
                         plpgsql_dstring_append(&ds, " ");
+
+               /* Check for array overflow */
+               if (nparams >= 1024)
+               {
+                       plpgsql_error_lineno = lno;
+                       elog(ERROR, "too many variables specified in SQL statement");
+               }
+
                 switch (tok)
                 {
                         case T_VARIABLE:
@@ -1761,6 +1769,13 @@ make_select_stmt(void)
  
                                         while ((tok = yylex()) == ',')
                                         {
+                                               /* Check for array overflow */
+                                               if (nfields >= 1024)
+                                               {
+                                                       plpgsql_error_lineno = yylineno;
+                                                       elog(ERROR, "too many INTO variables specified");
+                                               }
+
                                                 tok = yylex();
                                                 switch(tok)
                                                 {
@@ -1809,6 +1824,14 @@ make_select_stmt(void)
  
                 if (plpgsql_SpaceScanned)
                         plpgsql_dstring_append(&ds, " ");
+
+               /* Check for array overflow */
+               if (nparams >= 1024)
+               {
+                       plpgsql_error_lineno = yylineno;
+                       elog(ERROR, "too many variables specified in SQL statement");
+               }
+
                 switch (tok)
                 {
                         case T_VARIABLE:
@@ -1892,6 +1915,13 @@ make_fetch_stmt(void)
  
                                 while ((tok = yylex()) == ',')
                                 {
+                                       /* Check for array overflow */
+                                       if (nfields >= 1024)
+                                       {
+                                               plpgsql_error_lineno = yylineno;
+                                               elog(ERROR, "too many INTO variables specified");
+                                       }
+
                                         tok = yylex();
                                         switch(tok)
                                         {
author	Tom Lane <tgl@sss.pgh.pa.us>
	Tue, 8 Feb 2005 18:22:45 +0000 (18:22 +0000)
committer	Tom Lane <tgl@sss.pgh.pa.us>
	Tue, 8 Feb 2005 18:22:45 +0000 (18:22 +0000)