CVSROOT: /cvsroot
Module name: pgsql-server
Changes by: momjian@postgresql.org 02/08/14 22:58:29
Modified files:
contrib/dbase : dbf.c dbf2pg.c
contrib/findoidjoins: findoidjoins.c
contrib/lo : lo.c
contrib/mSQL-interface: mpgsql.c
contrib/oid2name: oid2name.c
contrib/pg_dumplo: lo_export.c lo_import.c utils.c
contrib/pg_resetxlog: pg_resetxlog.c
contrib/pgbench: pgbench.c
contrib/rserv : rserv.c
contrib/spi : refint.c timetravel.c
contrib/vacuumlo: vacuumlo.c
Log message:
The attached patch changes most of the usages of sprintf() to
snprintf() in contrib/. I didn't touch the places where pointer
arithmatic was being used, or other areas where the fix wasn't
trivial. I would think that few, if any, of the usages of sprintf()
were actually exploitable, but it's probably better to be paranoid...
Neil Conway