Home > mailing lists

pgsql: Fix xslt_process() to ensure that it inserts a NULL terminator - Mailing list pgsql-committers

From	tgl@postgresql.org (Tom Lane)
Subject	pgsql: Fix xslt_process() to ensure that it inserts a NULL terminator
Date	July 10, 2009 00:32:42
Msg-id	20090710003229.816A675331E@cvs.postgresql.org Whole thread Raw
List	pgsql-committers

Tree view

Log Message:
-----------
Fix xslt_process() to ensure that it inserts a NULL terminator after the
last pair of parameter name/value strings, even when there are MAXPARAMS
of them.  Aboriginal bug in contrib/xml2, noted while studying bug #4912
(though I'm not sure whether there's something else involved in that
report).

This might be thought a security issue, since it's a potential backend
crash; but considering that untrustworthy users shouldn't be allowed
to get their hands on xslt_process() anyway, it's probably not worth
getting excited about.

Tags:
----
REL8_0_STABLE

Modified Files:
--------------
    pgsql/contrib/xml2:
        xslt_proc.c (r1.3 -> r1.3.4.1)
        (http://anoncvs.postgresql.org/cvsweb.cgi/pgsql/contrib/xml2/xslt_proc.c?r1=1.3&r2=1.3.4.1)

pgsql-committers by date:

From: tgl@postgresql.org (Tom Lane)
Date: 10 July 2009, 00:32:35
Subject: pgsql: Fix xslt_process() to ensure that it inserts a NULL terminator

From: bloodnok@pgfoundry.org (User Bloodnok)
Date: 10 July 2009, 22:40:50
Subject: veil - veil: Minor documentation fix

pgsql: Fix xslt_process() to ensure that it inserts a NULL terminator - Mailing list pgsql-committers

Previous

Next