| From: | Yan Haibo <haibo(dot)yan(at)hotmail(dot)com> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | Peter Eisentraut <peter(at)eisentraut(dot)org>, "pgsql-hackers(at)lists(dot)postgresql(dot)org" <pgsql-hackers(at)lists(dot)postgresql(dot)org> |
| Subject: | 回复: 回复: 回复: Fix potential overflow risks from wcscpy and sprintf |
| Date: | 2025-06-17 03:12:38 |
| Message-ID: | CH3PR08MB8610C89DB6845D8651AB671FFA73A@CH3PR08MB8610.namprd08.prod.outlook.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Thank you, Tom. You’re absolutely right―this change is not necessary. I’ve updated the patch accordingly.
Best regards,
Haibo
________________________________
发件人: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
发送时间: 2025年6月16日 12:46
收件人: Yan Haibo <haibo(dot)yan(at)hotmail(dot)com>
抄送: Peter Eisentraut <peter(at)eisentraut(dot)org>; pgsql-hackers(at)lists(dot)postgresql(dot)org <pgsql-hackers(at)lists(dot)postgresql(dot)org>
主题: Re: 回复: 回复: Fix potential overflow risks from wcscpy and sprintf
Yan Haibo <haibo(dot)yan(at)hotmail(dot)com> writes:
> Regarding the use of wcsncpy with LOCALE_NAME_MAX_LENGTH - 1, it is a precaution in case the input string is not null-terminated.
I don't think it's a "precaution". I think it's introducing a real
bug (that is, failure on a locale name of exactly the max allowed
length) to prevent a hypothetical bug.
regards, tom lane
| Attachment | Content-Type | Size |
|---|---|---|
| 0001-Mitigate-potential-overflow-risks-from-wcscpy.patch | application/octet-stream | 1.3 KB |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Hayato Kuroda (Fujitsu) | 2025-06-17 03:21:19 | RE: pg_recvlogical cannot create slots with failover=true |
| Previous Message | David G. Johnston | 2025-06-17 03:06:26 | Re: BackendKeyData is mandatory? |