git.ipfire.org Git - thirdparty/postgresql.git/commit

author	Andres Freund <andres@anarazel.de>
	Fri, 14 Feb 2025 22:44:28 +0000 (17:44 -0500)
committer	Andres Freund <andres@anarazel.de>
	Fri, 14 Feb 2025 23:09:24 +0000 (18:09 -0500)
commit	22ffbbf24db4e5996abcf376ef1735346d4b6f75
tree	e6f42b5b17c4b4564f05a47171b4d054471d1f16	tree
parent	cb19cd956f685558b5b6b3d49db6cff01d35726f	commit \| diff

Fix PQescapeLiteral()/PQescapeIdentifier() length handling

In 5dc1e42b4fa I fixed bugs in various escape functions, unfortunately as part
of that I introduced a new bug in PQescapeLiteral()/PQescapeIdentifier(). The
bug is that I made PQescapeInternal() just use strlen(), rather than taking
the specified input length into account.

That's bad, because it can lead to including input that wasn't intended to be
included (in case len is shorter than null termination of the string) and
because it can lead to reading invalid memory if the input string is not null
terminated.

Expand test_escape to this kind of bug:

a) for escape functions with length support, append data that should not be
escaped and check that it is not

b) add valgrind requests to detect access of bytes that should not be touched

Author: Tom Lane <tgl@sss.pgh.pa.us>
Author: Andres Freund <andres@anarazel.de
Reviewed-by: Tom Lane <tgl@sss.pgh.pa.us>
Reviewed-by: Noah Misch <noah@leadboat.com>
Discussion: https://postgr.es/m/Z64jD3u46gObCo1p@pryzbyj2023
Backpatch: 13

src/interfaces/libpq/fe-exec.c		diff \| blob \| blame \| history
src/test/modules/test_escape/test_escape.c		diff \| blob \| blame \| history