]> git.ipfire.org Git - thirdparty/postgresql.git/commit
projects / thirdparty / postgresql.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 612f953) | patch
Avoid potential buffer overflow crash
authorPeter Eisentraut <peter_e@gmx.net>
Sat, 23 Nov 2013 12:25:37 +0000 (07:25 -0500)
committerPeter Eisentraut <peter_e@gmx.net>
Sat, 23 Nov 2013 12:31:32 +0000 (07:31 -0500)
commit44032290dd23ccc0c227ee2af4f9e8c0e58077e8
tree5de4c4aab0f88c12b8cfbb1f973cad47ce165fa7tree | snapshot
parent612f953c7c3e8f5eed50607b56d461c88196c3a7commit | diff
Avoid potential buffer overflow crash

A pointer to a C string was treated as a pointer to a "name" datum and
passed to SPI_execute_plan().  This pointer would then end up being
passed through datumCopy(), which would try to copy the entire 64 bytes
of name data, thus running past the end of the C string.  Fix by
converting the string to a proper name structure.

Found by LLVM AddressSanitizer.
src/backend/utils/adt/ruleutils.c diff | blob | blame | history
Mirror of https://git.postgresql.org/git/postgresql.git