
Re: Cursor support buffer patch

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Ian Lance Taylor <ian(at)airs(dot)com>
Cc: pgsql-patches(at)postgresql(dot)org
Subject: Re: Cursor support buffer patch
Date: 2001-06-06 15:05:11
Message-ID: 23940.991839911@sss.pgh.pa.us
Lists: pgsql-patches
Ian Lance Taylor <ian(at)airs(dot)com> writes:
> The code assumed that there would be a '\0' in buf after storing the
> characters in new->refname, but it did nothing to ensure that.

Good catch.

> I can't convince myself that this code does not have the possibility
> of buffer overflow.

It obviously does; the fixed-size buffer should be replaced by a 
PLpgSQL_dstring, probably.  I don't much like the fixed-size
fieldnames[] buffers elsewhere in that file, either.

			regards, tom lane
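
Added example, not part of the original message and not PostgreSQL code: a minimal growable string showing the property a dynamic string gives over the fixed-size buffer discussed above, namely that the terminating '\0' is written on every append and the storage grows instead of overflowing. The names dstr, dstr_init, dstr_append_char and collect_until are hypothetical and do not reflect the PLpgSQL_dstring API.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical growable string (not PostgreSQL's PLpgSQL_dstring API). */
typedef struct {
    char  *data;  /* NUL-terminated after every successful call */
    size_t len;   /* bytes used, excluding the terminator */
    size_t cap;   /* bytes allocated */
} dstr;

int dstr_init(dstr *ds)
{
    ds->len = 0;
    ds->cap = 16;
    ds->data = malloc(ds->cap);
    if (ds->data == NULL)
        return -1;
    ds->data[0] = '\0';
    return 0;
}

int dstr_append_char(dstr *ds, char c)
{
    if (ds->len + 2 > ds->cap) {          /* need room for c and '\0' */
        char *p = realloc(ds->data, ds->cap * 2);
        if (p == NULL)
            return -1;
        ds->data = p;
        ds->cap *= 2;
    }
    ds->data[ds->len++] = c;
    ds->data[ds->len] = '\0';             /* terminator is never assumed */
    return 0;
}

/* Copy src up to delim (or end of string); returns length, or -1 on OOM. */
long collect_until(dstr *out, const char *src, char delim)
{
    if (dstr_init(out) != 0)
        return -1;
    for (; *src != '\0' && *src != delim; src++)
        if (dstr_append_char(out, *src) != 0) {
            free(out->data);
            out->data = NULL;
            return -1;
        }
    return (long) out->len;
}
```

The caller owns out->data after a successful call and releases it with free().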
