From: Itagaki Takahiro <itagaki.takahiro@gmail.com>
Date: Tue, 5 Jan 2010 01:29:36 +0000 (+0000)
Subject: Verify input in pg_read_file().
X-Git-Tag: REL9_0_ALPHA4~351
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=c3a1eae252d2a5e5e8ff81b79f88b1bc12b5e01e;p=postgresql

Verify input in pg_read_file().
---

diff --git a/src/backend/utils/adt/genfile.c b/src/backend/utils/adt/genfile.c
index ff77c19da1..863727dc01 100644
--- a/src/backend/utils/adt/genfile.c
+++ b/src/backend/utils/adt/genfile.c
@@ -9,7 +9,7 @@
  * Author: Andreas Pflug <pgadmin@pse-consulting.de>
  *
  * IDENTIFICATION
- *	  $PostgreSQL: pgsql/src/backend/utils/adt/genfile.c,v 1.22 2010/01/02 16:57:54 momjian Exp $
+ *	  $PostgreSQL: pgsql/src/backend/utils/adt/genfile.c,v 1.23 2010/01/05 01:29:36 itagaki Exp $
  *
  *-------------------------------------------------------------------------
  */
@@ -22,6 +22,7 @@
 
 #include "catalog/pg_type.h"
 #include "funcapi.h"
+#include "mb/pg_wchar.h"
 #include "miscadmin.h"
 #include "postmaster/syslogger.h"
 #include "storage/fd.h"
@@ -131,6 +132,9 @@ pg_read_file(PG_FUNCTION_ARGS)
 				(errcode_for_file_access(),
 				 errmsg("could not read file \"%s\": %m", filename)));
 
+	/* Make sure the input is valid */
+	pg_verifymbstr(VARDATA(buf), nbytes, false);
+
 	SET_VARSIZE(buf, nbytes + VARHDRSZ);
 
 	FreeFile(file);