char *str = PG_GETARG_CSTRING(0);
chkpass *result;
char mysalt[4];
+ char *crypt_output;
static char salt_chars[] =
"./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
mysalt[1] = salt_chars[random() & 0x3f];
mysalt[2] = 0; /* technically the terminator is not necessary
* but I like to play safe */
- strcpy(result->password, crypt(str, mysalt));
+
+ crypt_output = crypt(str, mysalt);
+ if (crypt_output == NULL)
+ ereport(ERROR,
+ (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
+ errmsg("crypt() failed")));
+
+ strlcpy(result->password, crypt_output, sizeof(result->password));
+
PG_RETURN_POINTER(result);
}
chkpass *a1 = (chkpass *) PG_GETARG_POINTER(0);
text *a2 = PG_GETARG_TEXT_PP(1);
char str[9];
+ char *crypt_output;
text_to_cstring_buffer(a2, str, sizeof(str));
- PG_RETURN_BOOL(strcmp(a1->password, crypt(str, a1->password)) == 0);
+ crypt_output = crypt(str, a1->password);
+ if (crypt_output == NULL)
+ ereport(ERROR,
+ (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
+ errmsg("crypt() failed")));
+
+ PG_RETURN_BOOL(strcmp(a1->password, crypt_output) == 0);
}
PG_FUNCTION_INFO_V1(chkpass_ne);
chkpass *a1 = (chkpass *) PG_GETARG_POINTER(0);
text *a2 = PG_GETARG_TEXT_PP(1);
char str[9];
+ char *crypt_output;
text_to_cstring_buffer(a2, str, sizeof(str));
- PG_RETURN_BOOL(strcmp(a1->password, crypt(str, a1->password)) != 0);
+ crypt_output = crypt(str, a1->password);
+ if (crypt_output == NULL)
+ ereport(ERROR,
+ (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
+ errmsg("crypt() failed")));
+
+ PG_RETURN_BOOL(strcmp(a1->password, crypt_output) != 0);
}
if (strcmp(restartWALFileName, nextWALFileName) > 0)
return false;
- strcpy(exclusiveCleanupFileName, restartWALFileName);
+ strlcpy(exclusiveCleanupFileName, restartWALFileName, sizeof(exclusiveCleanupFileName));
return true;
}
* see them
*/
XLogCtl->RecoveryTargetTLI = recoveryTargetTLI;
- strncpy(XLogCtl->archiveCleanupCommand,
+ strlcpy(XLogCtl->archiveCleanupCommand,
archiveCleanupCommand ? archiveCleanupCommand : "",
sizeof(XLogCtl->archiveCleanupCommand));
}
Conf->Spell[Conf->nspell] = (SPELL *) tmpalloc(SPELLHDRSZ + strlen(word) + 1);
strcpy(Conf->Spell[Conf->nspell]->word, word);
- strncpy(Conf->Spell[Conf->nspell]->p.flag, flag, MAXFLAGLEN);
+ strlcpy(Conf->Spell[Conf->nspell]->p.flag, flag, MAXFLAGLEN);
Conf->nspell++;
}
* Note that this table must be strictly alphabetically ordered to allow an
* O(ln(N)) search algorithm to be used.
*
- * The text field is NOT guaranteed to be NULL-terminated.
+ * The token field is NOT guaranteed to be NULL-terminated.
*
- * To keep this table reasonably small, we divide the lexval for TZ and DTZ
- * entries by 15 (so they are on 15 minute boundaries) and truncate the text
+ * To keep this table reasonably small, we divide the value for TZ and DTZ
+ * entries by 15 (so they are on 15 minute boundaries) and truncate the token
* field at TOKMAXLEN characters.
* Formerly, we divided by 10 rather than 15 but there are a few time zones
* which are 30 or 45 minutes away from an even hour, most are on an hour
static int sztimezonetktbl = 0;
static const datetkn datetktbl[] = {
-/* text, token, lexval */
+ /* token, type, value */
{EARLY, RESERV, DTK_EARLY}, /* "-infinity" reserved for "early time" */
{DA_D, ADBC, AD}, /* "ad" for years > 0 */
{"allballs", RESERV, DTK_ZULU}, /* 00:00:00 */
static int szdatetktbl = sizeof datetktbl / sizeof datetktbl[0];
static datetkn deltatktbl[] = {
- /* text, token, lexval */
+ /* token, type, value */
{"@", IGNORE_DTF, 0}, /* postgres relative prefix */
{DAGO, AGO, 0}, /* "ago" indicates negative time offset */
{"c", UNITS, DTK_CENTURY}, /* "century" relative */
n * sizeof(datetkn));
for (i = 0; i < n; i++)
{
+ /* do NOT use strlcpy here; token field need not be null-terminated */
strncpy(newtbl[i].token, abbrevs[i].abbrev, TOKMAXLEN);
newtbl[i].type = abbrevs[i].is_dst ? DTZ : TZ;
TOVAL(&newtbl[i], abbrevs[i].offset / 60);
fprintf(stderr, "%s", authwarning);
/* Get directory specification used to start this executable */
- strcpy(bin_dir, argv[0]);
+ strlcpy(bin_dir, argv[0], sizeof(bin_dir));
get_parent_directory(bin_dir);
printf(_("\nSuccess. You can now start the database server using:\n\n"
yytext[i] = '\0';
memmove(yytext, yytext+1, strlen(yytext));
- strncpy(inc_file, yytext, sizeof(inc_file));
+ strlcpy(inc_file, yytext, sizeof(inc_file));
yyin = fopen(inc_file, "r");
if (!yyin)
{
if (!conn->result)
return;
}
- strncpy(conn->result->cmdStatus, conn->workBuffer.data,
+ strlcpy(conn->result->cmdStatus, conn->workBuffer.data,
CMDSTATUS_LEN);
checkXactStatus(conn, conn->workBuffer.data);
conn->asyncStatus = PGASYNC_READY;
if (!conn->result)
return;
}
- strncpy(conn->result->cmdStatus, conn->workBuffer.data,
+ strlcpy(conn->result->cmdStatus, conn->workBuffer.data,
CMDSTATUS_LEN);
conn->asyncStatus = PGASYNC_READY;
break;
if (strlen(path) >= strlen(".exe") &&
pg_strcasecmp(path + strlen(path) - strlen(".exe"), ".exe") != 0)
{
- strcpy(path_exe, path);
+ strlcpy(path_exe, path, sizeof(path_exe) - 4);
strcat(path_exe, ".exe");
path = path_exe;
}
}
/* must copy final component out of 'path' temporarily */
- strcpy(link_buf, fname);
+ strlcpy(link_buf, fname, sizeof(link_buf));
if (!getcwd(path, MAXPGPATH))
{
*/
platform_expectfile = get_expectfile(testname, resultsfile);
- strcpy(expectfile, default_expectfile);
+ strlcpy(expectfile, default_expectfile, sizeof(expectfile));
if (platform_expectfile)
{
/*
{
/* This diff was a better match than the last one */
best_line_count = l;
- strcpy(best_expect_file, alt_expectfile);
+ strlcpy(best_expect_file, alt_expectfile, sizeof(best_expect_file));
}
free(alt_expectfile);
}
{
/* This diff was a better match than the last one */
best_line_count = l;
- strcpy(best_expect_file, default_expectfile);
+ strlcpy(best_expect_file, default_expectfile, sizeof(best_expect_file));
}
}
* Loop to split the given name into directory levels; for each level,
* search using scan_directory_ci().
*/
- strcpy(fullname, pg_TZDIR());
+ strlcpy(fullname, pg_TZDIR(), sizeof(fullname));
orignamelen = fullnamelen = strlen(fullname);
fname = name;
for (;;)
}
/* Search for the best-matching timezone file */
- strcpy(tmptzdir, pg_TZDIR());
+ strlcpy(tmptzdir, pg_TZDIR(), sizeof(tmptzdir));
bestscore = -1;
resultbuf[0] = '\0';
scan_available_timezones(tmptzdir, tmptzdir + strlen(tmptzdir) + 1,
projects / postgresql / commitdiff