Quick Links

Buffer overflow in contrib/test_parser/test_parser.c

From:	Paul Guyot <pguyot(at)kallisys(dot)net>
To:	pgsql-hackers(at)postgresql(dot)org
Subject:	Buffer overflow in contrib/test_parser/test_parser.c
Date:	2012-01-09 23:18:59
Message-ID:	4D0A6693-6021-4A91-AB4F-B5F1404F73DB@kallisys.net
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-hackers

Hello,

There is a buffer overflow in sample code's test_parser.c that can yield to a segmentation fault. The next byte of the buffer is tested against ' ' before its availability is checked.

You will find attached a simple patch that fixes the bug.

Paul
--
Semiocast http://semiocast.com/
+33.183627948 - 20 rue Lacaze, 75014 Paris

Attachment	Content-Type	Size
test_parser.c.diff	application/octet-stream	730 bytes

Responses

Re: Buffer overflow in contrib/test_parser/test_parser.c at 2012-01-10 00:40:51 from Tom Lane

Browse pgsql-hackers by date

	From	Date	Subject
Next Message	Jim Nasby	2012-01-09 23:35:44	Re: Generate call graphs in run-time
Previous Message	Kevin Grittner	2012-01-09 21:46:46	Re: Generate call graphs in run-time