
Bug #478: Integer overflow in pg_dump

From: pgsql-bugs(at)postgresql(dot)org
To: pgsql-bugs(at)postgresql(dot)org
Subject: Bug #478: Integer overflow in pg_dump
Date: 2001-10-11 10:37:44
Message-ID: 200110111037.f9BAbiV01460@postgresql.org
Lists: pgsql-bugs
Premysl Maly (premek(dot)maly(at)seznam(dot)cz) reports a bug with a severity of 2
The lower the number the more severe it is.

Short Description
Integer overflow in pg_dump

Long Description
Talking about version pg_dump (7.1.3)

Well, it fails when dumping database indices (while dumping comments on indexes). I hacked the source code and found the select which failed. It is on line 3036 of file pg_dump.

The select looks like:

SELECT description FROM pg_description where oid = 4294958683

It always fails with dtoi4: Integer out of range

I hacked the source, so now the searched oid is quoted:

SELECT description FROM pg_description where oid = '4294958683'

and the bug is gone. Please look at that in a new release. Large numbers should be quoted, otherwise they kill the SELECT query.

See you 

Premek


Sample Code

in pg_dump source on lines 3036-7 should be:

appendPQExpBuffer(query, "SELECT description FROM pg_description where oid = '");
appendPQExpBuffer(query, oid);
appendPQExpBuffer(query, "'");

instead of

appendPQExpBuffer(query, "SELECT description FROM pg_description where oid = ");
appendPQExpBuffer(query,oid);



No file was uploaded with this report
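
Added example, not part of the original report or the pg_dump source: the OID in the report, 4294958683, is valid as an unsigned 32-bit value but exceeds the signed 32-bit maximum of 2147483647. The sketch below checks that range and builds the quoted form of the query only from a digits-only OID string; the helper names parse_oid, fits_int4 and build_comment_query are hypothetical, and it assumes OIDs are unsigned 32-bit values.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper: parse a decimal string as an unsigned 32-bit OID. */
static int parse_oid(const char *s, uint32_t *out)
{
    unsigned long long v;

    if (*s == '\0' || strspn(s, "0123456789") != strlen(s))
        return 0;               /* digits only: no sign, spaces or quotes */
    errno = 0;
    v = strtoull(s, NULL, 10);
    if (errno != 0 || v > UINT32_MAX)
        return 0;               /* does not fit an OID */
    *out = (uint32_t) v;
    return 1;
}

/* Returns 1 if the OID would also fit a signed 32-bit integer (int4). */
static int fits_int4(uint32_t oid)
{
    return oid <= (uint32_t) INT32_MAX;
}

/* Build the lookup with the OID quoted; 0 on success, -1 on bad OID or short buffer. */
static int build_comment_query(char *buf, size_t len, const char *oid_str)
{
    uint32_t oid;
    int n;

    if (!parse_oid(oid_str, &oid))
        return -1;
    n = snprintf(buf, len,
                 "SELECT description FROM pg_description where oid = '%lu'",
                 (unsigned long) oid);
    return (n < 0 || (size_t) n >= len) ? -1 : 0;
}

int main(void)
{
    char q[128];
    uint32_t oid;
    if (parse_oid("4294958683", &oid) && build_comment_query(q, sizeof q, "4294958683") == 0)
        printf("fits int4: %d\n%s\n", fits_int4(oid), q);
    return 0;
}
```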

