Overruns (was: 'pgsql/src/backend/lib stringinfo.c')

From: Goran Thyni <goran(at)bildbasen(dot)se>
To: Bruce Momjian <maillist(at)candle(dot)pha(dot)pa(dot)us>
Cc: Tom Lane <tgl(at)hub(dot)org>, PostgreSQL-development <hackers(at)postgreSQL(dot)org>
Subject: Overruns (was: 'pgsql/src/backend/lib stringinfo.c')
Date: 1998-11-09 08:40:54
Message-ID: 3646AA96.5E577ECE@bildbasen.se
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

Bruce Momjian wrote:
>
> > Update of /usr/local/cvsroot/pgsql/src/backend/lib
> > In directory hub.org:/tmp/cvs-serv21717
> >
> > Modified Files:
> > stringinfo.c
> > Log Message:
> > Fix a potential infinite loop in appendStringInfo: would lock
> > up if first string to be appended to an empty StringInfo was longer
> > than the initial space allocation.
> > Also speed it up slightly.
>
> Does this remove the need for vsnprintf?

I don't think so,
vsprintf is still used if 6 places in to src tree, 5 of them is in
the backend. Each of these should be examined to determent wheater
those can be rewritten or if vsnprintf is needed.

To make matter worse:

guevara-goran# pwd
/usr/local/src/cvs/pgsql/src
guevara-goran# grep -n sprintf `find .` | wc -l
875
guevara-goran# cd backend/
guevara-goran# grep -n sprintf `find .` | wc -l
474

Their is lot of potential overruns in there,
and since pgsql is a net(-able) server we
should take that seriously.

I will look closer at these issues as time permits.

mvh,
--
---------------------------------------------
Göran Thyni, sysadm, JMS Bildbasen, Kiruna

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message RADHAKRISHNAN C V 1998-11-09 12:52:58 limiting the rows selected in postgresql
Previous Message Terry Mackintosh 1998-11-09 02:42:12 OK now :-) was Re: [HACKERS] regression tests