format string cleanup

From: Neil Conway <neilc(at)samurai(dot)com>
To: pgsql-patches <pgsql-patches(at)postgresql(dot)org>
Subject: format string cleanup
Date: 2005-04-29 08:21:28
Message-ID: 4271EE88.6040808@samurai.com
Lists: pgsql-patches

GCC 4.0 includes a new warning option, -Wformat-literal, that emits a
warning when a variable is used as a format string for printf() and
similar functions (if the variable is derived from untrusted data, it
could include unexpected formatting sequences). This emits too many
warnings to be enabled by default, but it does flag a few dubious
constructs in the Postgres tree. This patch fixes up the obvious stuff,
when a function takes a format string and the caller passes a variable
format string but no additional arguments.

Most of these are harmless (e.g. the ruleutils stuff), but there is at
least one actual bug here. If you create a trigger named "%sfoo",
pg_dump will read uninitialized memory and likely not dump the trigger
correctly:

=> create trigger "%sxyz_trig" before insert on xyz for each row execute
procedure xyz();

yields the following pg_dump output:

CREATE TRIGGER ""%sxyz_trig"xyz_trig"
BEFORE INSERT ON xyz
FOR EACH ROW
EXECUTE PROCEDURE xyz();

Barring any objections, I'll apply this to HEAD and backport it to
stable branches back to 7.2 tomorrow.

-Neil

Attachment: format_string_bugs-1.patch (text/x-patch, 8.4 KB)
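
The call pattern the message describes, as an added example (not PostgreSQL code and not part of the original message): a variable passed as the format string with no further arguments, next to the constant-format form. `buf_appendf`, `emit_name_unsafe` and `emit_name_safe` are hypothetical names, and the sample object names are constructed.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical printf-style appender; buf must hold a NUL-terminated string. */
static size_t buf_appendf(char *buf, size_t cap, const char *fmt, ...)
{
    size_t used = strlen(buf);
    va_list ap;

    va_start(ap, fmt);
    if (vsnprintf(buf + used, cap - used, fmt, ap) < 0)
        buf[used] = '\0';           /* on error, keep the old contents */
    va_end(ap);
    return strlen(buf);
}

/* Before: the object name itself is interpreted as the format string. */
static size_t emit_name_unsafe(char *buf, size_t cap, const char *name)
{
    return buf_appendf(buf, cap, name);
}

/* After: constant format, so the name is only ever treated as data. */
static size_t emit_name_safe(char *buf, size_t cap, const char *name)
{
    return buf_appendf(buf, cap, "%s", name);
}

int main(void)
{
    /* Constructed names. "%%" consumes no argument, so the unsafe call below
     * is well defined; a name containing "%s" must never reach it, because
     * the missing argument would be read from uninitialized memory. */
    const char *pct = "50%%_trig";
    const char *conv = "%sxyz_trig";
    char a[64] = "", b[64] = "", c[64] = "";

    emit_name_unsafe(a, sizeof a, pct);   /* name is rewritten */
    emit_name_safe(b, sizeof b, pct);     /* name is preserved */
    emit_name_safe(c, sizeof c, conv);    /* name is preserved */
    printf("unsafe: %s\nsafe:   %s\nsafe:   %s\n", a, b, c);
    return 0;
}
```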
