| From: | Peter Eisentraut <peter(at)eisentraut(dot)org> |
|---|---|
| To: | pgsql-committers(at)lists(dot)postgresql(dot)org |
| Subject: | pgsql: Detect buffer underflow in get_th() |
| Date: | 2025-08-18 09:10:49 |
| Message-ID: | E1unvtA-000SVj-1U@gemulon.postgresql.org |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-committers |
Detect buffer underflow in get_th()
Input with zero length can result in a buffer underflow when
accessing *(num + (len - 1)), as (len - 1) would produce a negative
index. Add an assertion for zero-length input to prevent it.
This was found by ALT Linux Team.
Reviewing the call sites shows that get_th() currently cannot be
applied to an empty string: it is always called on a string containing
a number we've just printed. Therefore, an assertion rather than a
user-facing error message is sufficient.
Co-authored-by: Alexander Kuznetsov <kuznetsovam(at)altlinux(dot)org>
Discussion: https://www.postgresql.org/message-id/flat/e22df993-cdb4-4d0a-b629-42211ebed582(at)altlinux(dot)org
Branch
------
master
Details
-------
https://git.postgresql.org/pg/commitdiff/c61d51d50006a2a7bfe25d62ea0677e318febedc
Modified Files
--------------
src/backend/utils/adt/formatting.c | 2 ++
1 file changed, 2 insertions(+)
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2025-08-18 13:47:14 | Re: pgsql: Move SQL-callable code related to multixacts into its own file |
| Previous Message | Michael Paquier | 2025-08-18 06:14:05 | pgsql: Move SQL-callable code related to multixacts into its own file |