From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
---|---|
To: | "Christopher Kings-Lynne" <chriskl(at)familyhealth(dot)com(dot)au> |
Cc: | "Justin Clift" <justin(at)postgresql(dot)org>, "PostgreSQL Hackers Mailing List" <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: Interesting message about printf()'s in PostgreSQL |
Date: | 2002-08-12 04:54:09 |
Message-ID: | 27482.1029128049@sss.pgh.pa.us |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
"Christopher Kings-Lynne" <chriskl(at)familyhealth(dot)com(dot)au> writes:
> ... Anyway, who cares about printfs
> when stuff like select cash_out(2) is documented?
Well, they're two different issues. The cash_out problem is
intrinsically difficult to fix, and *will* break user-defined datatypes
when we fix it --- so I'm not eager to rush in a half-baked fix.
OTOH, sprintf overruns are usually localized fixes, and there's no
excuse for letting one go once we've identified it.
I've just finished a quick grep through the backend sources for
"sprintf", and identified the following files as containing possible
problems:
src/backend/port/dynloader/freebsd.c
src/backend/port/dynloader/netbsd.c
src/backend/port/dynloader/nextstep.c
src/backend/port/dynloader/openbsd.c
src/include/libpq/pqcomm.h
src/pl/plpgsql/src/pl_comp.c
Will work on these. There are a lot of sprintf's in contrib/ as well;
anyone care to eyeball those? Anyone want to look for other trouble spots?
BTW, one should distinguish "an already-authorized user is able to force
a database restart" from more dire conditions such as "any random
cracker can get root on your box". I'm getting fairly tired of
chicken-little warnings from people who should know better.
regards, tom lane
From | Date | Subject | |
---|---|---|---|
Next Message | Bruce Momjian | 2002-08-12 05:06:31 | Re: stand-alone composite types patch (was [HACKERS] Proposal: |
Previous Message | Christopher Kings-Lynne | 2002-08-12 04:47:38 | Re: cash_out bug |