And here's the patch... :-)
Am Freitag, 9. Juli 2004 00:58 schrieb Peter Eisentraut:
> Here's a small round of fixes for buffer overflows. They are related to
> the recent security announcement, namely that the make_string()
> function doesn't check the size of the buffer. The solution is mainly
> based on the patch proposed by Martin Pitt at that time, namely to pass
> the size of the buffer, but I'm leaning more in favor of dynamically
> allocating buffers rather than using fixed-size arrays, so I used that
> approach where possible.
>
> Please inspect. If no one objects I'll install this patch in a few
> days.