| From: | Pavel Stehule <stehule(at)kix(dot)fsv(dot)cvut(dot)cz> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | pgsql-bugs(at)postgresql(dot)org |
| Subject: | Re: PG_RETURN_TEXT_P crash server process |
| Date: | 2002-11-12 13:33:14 |
| Message-ID: | Pine.LNX.4.44.0211121429250.13247-100000@kix.fsv.cvut.cz |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-bugs |
You have true. When I modify code on
long ma = ((*saved_chars + l + VARHDRSZ) / page_size + 1) * page_size;
*allocated_free = ma - *saved_chars - VARHDRSZ;
my function works well. Thank you wery much. One night I lost with this
:->
On Tue, 12 Nov 2002, Tom Lane wrote:
> Pavel Stehule <stehule(at)kix(dot)fsv(dot)cvut(dot)cz> writes:
> > I found some problem with PG_RETURN_TEXT_P.
>
> Fix your code to not scribble on memory that doesn't belong to it,
> and all will be well. I can see at least two buffer-overrun bugs,
> and there may be more:
>
> txtn = (text *) palloc (ma); -- forgot to add VARHDRSZ
>
> strcpy (*str_pointer, str); -- copies one byte too many
>
> regards, tom lane
>
> ---------------------------(end of broadcast)---------------------------
> TIP 1: subscribe and unsubscribe commands go to majordomo(at)postgresql(dot)org
>
| From | Date | Subject | |
|---|---|---|---|
| Next Message | 2002-11-12 15:59:00 | how to configure postgresql | |
| Previous Message | Tom Lane | 2002-11-12 13:11:45 | Re: PG_RETURN_TEXT_P crash server process |