| From: | Bruce Momjian <bruce(at)momjian(dot)us> |
|---|---|
| To: | Robert Haas <robertmhaas(at)gmail(dot)com> |
| Cc: | Xi Wang <xi(dot)wang(at)gmail(dot)com>, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: [PATCH] avoid buffer underflow in errfinish() |
| Date: | 2013-11-30 19:00:46 |
| Message-ID: | 20131130190046.GB11181@momjian.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Wed, Mar 27, 2013 at 08:45:51AM -0400, Robert Haas wrote:
> On Sat, Mar 23, 2013 at 6:38 PM, Xi Wang <xi(dot)wang(at)gmail(dot)com> wrote:
> > CHECK_STACK_DEPTH checks if errordata_stack_depth is negative.
> > Move the dereference of &errordata[errordata_stack_depth] after
> > the check to avoid out-of-bounds read.
>
> This seems sensible and I'm inclined to commit it. It's unlikely to
> matter very much in practice, since the only point of checking the
> stack depth in the first place is to catch a seemingly-unlikely coding
> error; and it's unlikely that referencing beyond the stack bounds
> would do anything too horrible, either. But we may as well do it
> right.
Was this ever dealt with?
--
Bruce Momjian <bruce(at)momjian(dot)us> http://momjian.us
EnterpriseDB http://enterprisedb.com
+ Everyone has their own god. +
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Jeffrey Walton | 2013-11-30 19:58:34 | Re: fe-secure.c and SSL/TLS |
| Previous Message | Kevin Grittner | 2013-11-30 18:12:17 | Re: select_common_type()'s behavior doesn't match the documentation |