pg_standby: Avoid writing one byte beyond the end of the buffer.

Previously, read() might have returned a length equal to the buffer
length, and then the subsequent store to buf[len] would write a
zero-byte one byte past the end.  This doesn't seem likely to be
a security issue, but there's some chance it could result in
pg_standby misbehaving.

Spotted by Coverity; patch by Michael Paquier, reviewed by me.

diff --git a/contrib/pg_standby/pg_standby.c b/contrib/pg_standby/pg_standby.c
index a99b94ef1b545c244e09f59a550aafe504c8dc74..68b6e44a3ec32e298db45e7c4f1c4e19b987aa03 100644 (file)
--- a/contrib/pg_standby/pg_standby.c
+++ b/contrib/pg_standby/pg_standby.c
@@ -435,7 +435,7 @@ CheckForExternalTrigger(void)
                return;
        }
 
-       if ((len = read(fd, buf, sizeof(buf))) < 0)
+       if ((len = read(fd, buf, sizeof(buf) - 1)) < 0)
        {
                fprintf(stderr, "WARNING: could not read \"%s\": %s\n",
                                triggerPath, strerror(errno));