Re: Buffer overflow in psql - Mailing list pgsql-general

From John D. Burger
Subject Re: Buffer overflow in psql
Date
Msg-id 45E917CE-ABCD-46A8-9707-F1CBCEC6305C@mitre.org
In response to Re: Buffer overflow in psql  (Tom Lane <tgl@sss.pgh.pa.us>)
List pgsql-general
Tom Lane wrote:

>> Um, is that really considered a fix???  We all know that there's no
>> guarantee at all, even in ANSI C, that unsigned int isn't bigger than
>> 32 bits, right?
>
> OID is 32 bits.  Full stop.

I should know better than to argue about this, but:

In that case, casting it as in the OP's code sample seems problematic
in the other direction:

   sprintf(buf, "%u", (unsigned int)PQoidValue(results));

since unsigned int could be as small as 16 bits, thus truncating the
OID value.

Ok, I'll stop now, I promise.

- John D. Burger
   MITRE
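
The width concern raised in this message, as an added example that is not part of the original post or of PostgreSQL's code: it formats a 32-bit value through a fixed-width type into a bounded buffer, and shows what a cast to a 16-bit unsigned type does to the value. The names `oid32`, `format_oid` and `through_16bit_uint` are hypothetical, and the sample values are constructed.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumption: the OID is a 32-bit unsigned value, as stated in the thread.
   oid32 is a hypothetical stand-in type, not a libpq definition. */
typedef uint32_t oid32;

/* Largest 32-bit value is "4294967295": 10 digits plus the terminating NUL. */
#define OID_TEXT_MAX 11

/* Formats oid as decimal text into buf.
   Returns the text length, or -1 if buf is too small to hold it. */
int format_oid(char *buf, size_t buflen, oid32 oid)
{
    /* PRIu32 matches uint32_t whatever the width of unsigned int is. */
    int n = snprintf(buf, buflen, "%" PRIu32, oid);
    if (n < 0 || (size_t)n >= buflen)
        return -1;              /* output would have been truncated */
    return n;
}

/* Models a platform whose unsigned int is only 16 bits wide:
   the cast reduces the value modulo 65536. */
uint32_t through_16bit_uint(oid32 oid)
{
    return (uint16_t)oid;
}

int main(void)
{
    char buf[OID_TEXT_MAX];
    oid32 sample = 70000u;      /* constructed sample value */

    if (format_oid(buf, sizeof buf, sample) > 0)
        printf("full width: %s\n", buf);
    printf("via 16-bit: %" PRIu32 "\n", through_16bit_uint(sample));
    return 0;
}
```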
