Postgres Pro
Downloads
Home   >   mailing lists

BUG #5101: Off-by-one error in bitncmp() in src/backend/utils/adt/network.c - Mailing list pgsql-bugs

From Chris Mikkelson
Subject BUG #5101: Off-by-one error in bitncmp() in src/backend/utils/adt/network.c
Date
Msg-id 200910071747.n97HlsvM098115@wwwmaster.postgresql.org
Whole thread Raw
Responses Re: BUG #5101: Off-by-one error in bitncmp() in src/backend/utils/adt/network.c
List pgsql-bugs
Tree view 
The following bug has been logged online:

Bug reference:      5101
Logged by:          Chris Mikkelson
Email address:      cmikk@qwest.net
PostgreSQL version: 8.4.1(+earlier)
Operating system:   all
Description:        Off-by-one error in bitncmp() in
src/backend/utils/adt/network.c
Details:

When comparing a number of bits divisible by 8, bitncmp() may dereference a
pointer one byte out
of bounds.

The following patch against 8.4.1 incorporates the fix made to bitncmp() in
the BIND source tree:

*** src/backend/utils/adt/network.c.orig        2009-10-07
12:32:13.000000000 -0500
--- src/backend/utils/adt/network.c     2009-10-07 12:32:45.000000000 -0500
*************** bitncmp(void *l, void *r, int n)
*** 972,979 ****

        b = n / 8;
        x = memcmp(l, r, b);
!       if (x)
!               return x;

        lb = ((const u_char *) l)[b];
        rb = ((const u_char *) r)[b];
--- 972,979 ----

        b = n / 8;
        x = memcmp(l, r, b);
!       if (x || (n % 8) == 0)
!               return (x);

        lb = ((const u_char *) l)[b];
        rb = ((const u_char *) r)[b];

pgsql-bugs by date:

Previous
From: "Viet Duc"
Date:
Subject: BUG #5100: Help me!!I want cause : "invalid page header in block xxxx",i need support to repair and avert
Next
From: "Michael Renner"
Date:
Subject: BUG #5103: "pg_ctl -w (re)start" fails with custom unix_socket_directory