| From: | hlinnaka(at)iki(dot)fi |
|---|---|
| To: | pgsql-bugs(at)postgresql(dot)org |
| Subject: | BUG #14468: One byte buffer overflow in quote_literal_cstr() |
| Date: | 2016-12-16 10:50:01 |
| Message-ID: | 20161216105001.13334.42819@wrigleys.postgresql.org |
| Lists: | pgsql-bugs |
The following bug has been logged on the website:
Bug reference: 14468
Logged by: Heikki Linnakangas
Email address: hlinnaka(at)iki(dot)fi
PostgreSQL version: 9.6.1
Operating system: All
Description:
postgres=# select format('%L', E'\\');
WARNING: detected write past chunk end in ExprContext 0x55c65ff98fa8
format
--------
E'\\'
(1 row)
This was originally reported against Greenplum, at
https://github.com/greenplum-db/gpdb/issues/1301. The code there isn't quite
the same, but it turned out to be a shared bug.
Looking at quote_literal_cstr(), it simply doesn't take into account the
space needed for the NULL terminator, when it allocates the buffer. The fix
is a straightforward + 1 to the allocation. I'll go and do that shortly, and
backpatch.
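
The sizing problem from the report, as an added example that is not part of the original message and not PostgreSQL source: a simplified quoting routine that produces the same `E'\\'` output, an allocator that includes the "+ 1", and a check of which inputs would overrun a buffer without it. The function names are hypothetical, and the pre-fix buffer size of `2*len + 3` bytes is an assumption.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Simplified stand-in for the quoting step (not PostgreSQL source): writes the
 * quoted form of src without a terminator; dst must hold 2*len + 3 bytes. */
static size_t quote_body(char *dst, const char *src, size_t len)
{
    char *p = dst;

    if (memchr(src, '\\', len) != NULL)
        *p++ = 'E';             /* backslash present: E'...' syntax */
    *p++ = '\'';
    for (size_t i = 0; i < len; i++) {
        if (src[i] == '\'' || src[i] == '\\')
            *p++ = src[i];      /* double quotes and backslashes */
        *p++ = src[i];
    }
    *p++ = '\'';
    return (size_t) (p - dst);
}

/* Allocation with room for the terminator: the "+ 1" from the report. */
char *quote_literal_fixed(const char *raw)
{
    size_t len = strlen(raw);
    char *result = malloc(len * 2 + 3 + 1);
    if (result != NULL)
        result[quote_body(result, raw, len)] = '\0';
    return result;
}

/* Bytes stored past a 2*len + 3 byte buffer (assumed pre-fix size), 0 if none. */
size_t overrun_without_fix(const char *raw)
{
    size_t cap = strlen(raw) * 2 + 3;
    char *quoted = quote_literal_fixed(raw);
    size_t needed = quoted ? strlen(quoted) + 1 : 0;
    free(quoted);
    return needed > cap ? needed - cap : 0;
}

int main(void)
{
    const char *samples[] = { "\\", "abc", "'", "a\\", "\\'" };  /* constructed inputs */
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-4s overrun=%zu\n", samples[i], overrun_without_fix(samples[i]));
    return 0;
}
```

In this model the overrun is always exactly one byte and only occurs when every input character needs doubling and at least one of them is a backslash, which is why ordinary strings never triggered the warning.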