pgsql: array_in() and array_recv() need to be more paranoid about

Skip site navigation (1) Skip section navigation (2)

Peripheral Links

Text Size: Normal / Large
Donate
Contact

The world's most advanced open source database.

pgsql: array_in() and array_recv() need to be more paranoid about

From:	tgl(at)svr1(dot)postgresql(dot)org (Tom Lane)
To:	pgsql-committers(at)postgresql(dot)org
Subject:	pgsql: array_in() and array_recv() need to be more paranoid about
Date:	2005-08-15 19:40:20
Message-ID:	20050815194020.020C952A2F@svr1.postgresql.org (view raw or flat)
Thread:
Lists:	pgsql-committers

Log Message:
-----------
array_in() and array_recv() need to be more paranoid about validating
their OID parameter.  It was possible to crash the backend with
select array_in('{123}',0,0); because that would bypass the needed step
of initializing the workspace.  These seem to be the only two places
with a problem, though (record_in and record_recv don't have the issue,
and the other array functions aren't depending on user-supplied input).
Back-patch as far as 7.4; 7.3 does not have the bug.

Modified Files:
--------------
    pgsql/src/backend/utils/adt:
        arrayfuncs.c (r1.121 -> r1.122)
        (http://developer.postgresql.org/cvsweb.cgi/pgsql/src/backend/utils/adt/arrayfuncs.c.diff?r1=1.121&r2=1.122)

pgsql-committers by date

Next: From: Tom Lane Date: 2005-08-15 19:40:43

Subject: pgsql: array_in() and array_recv() need to be more paranoid about

Previous: From: Tom Lane Date: 2005-08-15 19:05:59

Subject: pgsql: int_array_enum function should be using fcinfo->flinfo->fn_extra

Next:	From: Tom Lane	Date: 2005-08-15 19:40:43
	Subject: pgsql: array_in() and array_recv() need to be more paranoid about
Previous:	From: Tom Lane	Date: 2005-08-15 19:05:59
	Subject: pgsql: int_array_enum function should be using fcinfo->flinfo->fn_extra

Search

Peripheral Links

pgsql: array_in() and array_recv() need to be more paranoid about

pgsql-committers by date