Skip site navigation (1) Skip section navigation (2)

Re: BUG #1189: unbounded string copy in postmaster

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: "George Gal" <ggal(at)vsecurity(dot)com>
Cc: pgsql-bugs(at)postgresql(dot)org
Subject: Re: BUG #1189: unbounded string copy in postmaster
Date: 2004-07-10 23:31:34
Message-ID: (view raw, whole thread or download thread mbox)
Lists: pgsql-bugs
"PostgreSQL Bugs List" <pgsql-bugs(at)postgresql(dot)org> writes:
> Looks like the -o command line option doesn't perform any bounds checking on 
> the option before copying to the ExtraOptions[1024] char array. [line 529 of 
> postmaster.c]  

I cannot get super excited about this, since the person or script
starting the postmaster has to be trusted anyway.  But I've tweaked
the code to prevent a buffer overrun here.

			regards, tom lane

In response to

pgsql-bugs by date

Next:From: Bruce MomjianDate: 2004-07-11 03:14:25
Subject: Re: Dump/Restore of cvs regression database gives invalid timestamp
Previous:From: Tom LaneDate: 2004-07-10 19:31:03
Subject: Re: [BUGS] BUG #1118: Misleading Commit message

Privacy Policy | About PostgreSQL
Copyright © 1996-2017 The PostgreSQL Global Development Group