| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | pgsql-committers(at)lists(dot)postgresql(dot)org |
| Subject: | pgsql: Guard against overly-long numeric formatting symbols from locale |
| Date: | 2026-04-22 16:41:15 |
| Message-ID: | E1wFadW-002Bey-23@gemulon.postgresql.org |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-committers |
Guard against overly-long numeric formatting symbols from locale.
to_char() allocates its output buffer with 8 bytes per formatting
code in the pattern. If the locale's currency symbol, thousands
separator, or decimal or sign symbol is more than 8 bytes long,
in principle we could overrun the output buffer. No such locales
exist in the real world, so it seems sufficient to truncate the
symbol if we do see it's too long.
Reported-by: Xint Code
Author: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Discussion: https://postgr.es/m/638232.1776790821@sss.pgh.pa.us
Backpatch-through: 14
Branch
------
REL_16_STABLE
Details
-------
https://git.postgresql.org/pg/commitdiff/e1e60f148a3aa937f1bf92dd50bb4b24051fd0e2
Modified Files
--------------
src/backend/utils/adt/formatting.c | 61 +++++++++++++++++++++++++++-----------
1 file changed, 43 insertions(+), 18 deletions(-)
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Peter Geoghegan | 2026-04-22 16:47:33 | pgsql: Harmonize function parameter names for Postgres 19. |
| Previous Message | Tom Lane | 2026-04-22 16:02:25 | pgsql: Prevent some buffer overruns in spell.c's parsing of affix files |