Quick Links

Re: Potential buffer overrun in spell.c's CheckAffix()

From:	Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To:	pgsql-bugs(at)lists(dot)postgresql(dot)org
Subject:	Re: Potential buffer overrun in spell.c's CheckAffix()
Date:	2026-04-21 22:35:09
Message-ID:	864123.1776810909@sss.pgh.pa.us
Views:	Whole Thread \| Raw Message \| Download mbox \| Resend email
Thread:
Lists:	pgsql-bugs

Further to that ... I found another item in the pgsql-security
archives concerning a buffer overrun in ispell affix-file parsing,
which we had likewise deemed not a security vulnerability because
text search configuration files are assumed trustworthy.
But if we're going to tighten up CheckAffix() then it's pretty
silly not to fix these issues too.

regards, tom lane

Attachment	Content-Type	Size
v1-0001-Prevent-some-buffer-overruns-in-spell.c-s-parsing.patch	text/x-diff	4.7 KB

In response to

Potential buffer overrun in spell.c's CheckAffix() at 2026-04-21 17:32:24 from Tom Lane

Browse pgsql-bugs by date

	From	Date	Subject
Next Message	Andrey Borodin	2026-04-22 11:57:26	Re: Potential buffer overrun in spell.c's CheckAffix()
Previous Message	Tom Lane	2026-04-21 17:32:24	Potential buffer overrun in spell.c's CheckAffix()