]> git.ipfire.org Git - thirdparty/postgresql.git/commitdiff
projects / thirdparty / postgresql.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 6f0bff3)
Use palloc_array() in a few more places to avoid overflow
authorHeikki Linnakangas <heikki.linnakangas@iki.fi>
Mon, 11 May 2026 18:18:06 +0000 (21:18 +0300)
committerHeikki Linnakangas <heikki.linnakangas@iki.fi>
Mon, 11 May 2026 18:29:08 +0000 (21:29 +0300)
These could overflow on 32-bit systems.

Backpatch-through: 14
Security: CVE-2026-6473

contrib/hstore_plperl/hstore_plperl.c patch | blob | blame | history
contrib/hstore_plpython/hstore_plpython.c patch | blob | blame | history

diff --git a/contrib/hstore_plperl/hstore_plperl.c b/contrib/hstore_plperl/hstore_plperl.c
index 4a1629cad512e1124bbf848503cce09a2762d6cc..945b90eba64ccac200e05181f4b0fef56b48da2a 100644 (file)
--- a/contrib/hstore_plperl/hstore_plperl.c
+++ b/contrib/hstore_plperl/hstore_plperl.c
@@ -118,7 +118,7 @@ plperl_to_hstore(PG_FUNCTION_ARGS)
 
        pcount = hv_iterinit(hv);
 
-       pairs = palloc(pcount * sizeof(Pairs));
+       pairs = palloc_array(Pairs, pcount);
 
        i = 0;
        while ((he = hv_iternext(hv)))
diff --git a/contrib/hstore_plpython/hstore_plpython.c b/contrib/hstore_plpython/hstore_plpython.c
index 310f63c30d48193b3944458c6469cc463c97fff6..8dea01cb6d2937b2d9ed55f802df4303e7d5f21a 100644 (file)
--- a/contrib/hstore_plpython/hstore_plpython.c
+++ b/contrib/hstore_plpython/hstore_plpython.c
@@ -147,7 +147,7 @@ plpython_to_hstore(PG_FUNCTION_ARGS)
                Py_ssize_t      i;
                Pairs      *pairs;
 
-               pairs = palloc(pcount * sizeof(*pairs));
+               pairs = palloc_array(Pairs, pcount);
 
                for (i = 0; i < pcount; i++)
                {
Mirror of https://git.postgresql.org/git/postgresql.git