From d1fcc622987c1a5b490b956d89f36ac9fed8f9d1 Mon Sep 17 00:00:00 2001 From: Tom Lane Date: Fri, 23 Jun 2017 16:00:45 -0400 Subject: [PATCH] Fix incorrect buffer-length argument to uloc_getDisplayName(). The maxResultSize argument of uloc_getDisplayName is the number of UChars in the output buffer, not the number of bytes. In principle this could result in a stack smash, although at least in my Fedora 25 install there are no ICU locales with display names long enough to overrun the buffer. But it's easily proven to be wrong by reducing the length of displayname to around 20, whereupon a stack smash does happen. (This is a rather scary bug, because the same mistake could easily have been made in other places; but in a quick code search looking at uses of UChar I could not find any other instances.) --- src/backend/commands/collationcmds.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/backend/commands/collationcmds.c b/src/backend/commands/collationcmds.c index a0b3b23816..1c43f0b0ed 100644 --- a/src/backend/commands/collationcmds.c +++ b/src/backend/commands/collationcmds.c @@ -443,7 +443,7 @@ get_icu_locale_comment(const char *localename) status = U_ZERO_ERROR; len_uchar = uloc_getDisplayName(localename, "en", - &displayname[0], sizeof(displayname), + displayname, lengthof(displayname), &status); if (U_FAILURE(status)) ereport(ERROR, -- 2.49.0
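Review bot: At the uloc_getDisplayName() call, a short comment stating that maxResultSize is a count of UChars, not bytes, would help here, since the commit message itself notes how easily the same mistake could be made elsewhere. lengthof(displayname) gives the right value only while displayname is a real array in this scope; its declaration is outside the hunk, so if it ever becomes a pointer the element count has to be passed explicitly. It is also worth confirming that the code after the U_FAILURE(status) check treats len_uchar as a UChar count and not as a byte length.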