may be a buffer overflow problem - Mailing list pgsql-hackers

From Winter Loo
Subject may be a buffer overflow problem
Date
Msg-id 4bf5ab75.6fd4.19015aecf9e.Coremail.winterloo@126.com
List pgsql-hackers
Hi hackers,

I am using gcc version 11.3.0 to compile the postgres source code. GCC complains about the following line:

```c
strncpy(sqlca->sqlstate, "YE001", sizeof(sqlca->sqlstate));
```

with error as:

misc.c:529:17: error: ‘strncpy’ output truncated before terminating nul copying 5 bytes from a string of the same length [-Werror=stringop-truncation]

I find the definition of `sqlca->sqlstate` and it has only 5 bytes. When the statement

```c
strncpy(sqlca->sqlstate, "YE001", sizeof(sqlca->sqlstate));
```

gets executed, `sqlca->sqlstate` will have no '\0' byte, which makes me anxious when someone prints that as a string. Indeed, I found the code (in src/interfaces/ecpg/ecpglib/misc.c) does that:

```c
fprintf(debugstream, "[NO_PID]: sqlca: code: %ld, state: %s\n",
        sqlca->sqlcode, sqlca->sqlstate);
```

Is there any chance to fix the code?
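The following C program is an added illustration of the point raised above, not code from the original post or from PostgreSQL. It uses a hypothetical `struct sqlca_like` with the same 5-byte `sqlstate` field, fills it the way the quoted misc.c line does, checks whether a terminating NUL survived, and shows a bounded `%.*s` rendering of the debug line that never reads past the field. The field size, the sample `sqlcode` value and the helper names are assumptions made for the example.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for the ecpglib sqlca: the only thing that matters
 * here is that sqlstate is exactly 5 bytes, with no room for a NUL. */
struct sqlca_like {
    long sqlcode;
    char sqlstate[5];
};

/* Same idiom as the quoted misc.c line: strncpy bounded by sizeof(dest).
 * A 5-character SQLSTATE fills all 5 bytes, so no terminator is written. */
void set_state_strncpy(struct sqlca_like *sqlca, const char *code)
{
    strncpy(sqlca->sqlstate, code, sizeof(sqlca->sqlstate));
}

/* Returns 1 if some byte of sqlstate is '\0' (a bare %s would stop inside
 * the field), 0 if the field is not NUL-terminated. */
int state_has_nul(const struct sqlca_like *sqlca)
{
    return memchr(sqlca->sqlstate, '\0', sizeof(sqlca->sqlstate)) != NULL;
}

/* Safe rendering of the debug line: the "%.*s" precision caps the number of
 * bytes read at sizeof(sqlstate), so a missing NUL is harmless. Returns the
 * number of characters snprintf would have written. */
int format_debug_line(char *buf, size_t buflen, const struct sqlca_like *sqlca)
{
    return snprintf(buf, buflen, "[NO_PID]: sqlca: code: %ld, state: %.*s\n",
                    sqlca->sqlcode,
                    (int) sizeof(sqlca->sqlstate), sqlca->sqlstate);
}

/* Demo 1: after copying a 5-character code, is the field terminated?
 * The struct is pre-filled with 'X' so stale bytes cannot masquerade as a NUL. */
int demo_state_terminated_after_strncpy(const char *code)
{
    struct sqlca_like s;
    memset(&s, 'X', sizeof s);
    set_state_strncpy(&s, code);
    return state_has_nul(&s);
}

/* Demo 2: render the debug line with the bounded format and compare it to
 * the expected text. Returns 1 on an exact match. sqlcode -400 is a
 * constructed sample value. */
int demo_bounded_debug_line(void)
{
    struct sqlca_like s;
    char buf[64];
    memset(&s, 'X', sizeof s);
    s.sqlcode = -400;
    set_state_strncpy(&s, "YE001");
    format_debug_line(buf, sizeof buf, &s);
    return strcmp(buf, "[NO_PID]: sqlca: code: -400, state: YE001\n") == 0;
}

int main(void)
{
    struct sqlca_like s;
    char buf[64];
    memset(&s, 'X', sizeof s);
    s.sqlcode = -400;
    set_state_strncpy(&s, "YE001");
    printf("terminated after strncpy: %d\n", state_has_nul(&s));
    format_debug_line(buf, sizeof buf, &s);
    fputs(buf, stdout);   /* bounded read; never passes sqlstate to a bare %s */
    return 0;
}
```

`demo_state_terminated_after_strncpy("YE001")` returns 0: every byte of the field is consumed by the code and strncpy adds no NUL. A shorter input such as `"YE"` returns 1 because strncpy pads the remainder with zeros. Either way the `%.*s` form prints correctly, which is the practical fix when the field is deliberately sized without a terminator.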
