momjian@postgresql.org (Bruce Momjian - CVS) writes:
> Modified files:
> src/backend/utils/adt: oracle_compat.c
>
> Log message:
> repeat() fix:
>
> > Neil Conway <neilc@samurai.com> writes:
> > > + /* Check for integer overflow */
> > > + if (tlen / slen != count)
> > > + elog(ERROR, "Requested buffer is too large.");
> >
> > What about slen == 0?
>
> Good point -- that wouldn't cause incorrect results or a security
> problem, but it would reject input that we should really accept.
>
> Revised patch is attached.
This is the wrong version of the patch -- please apply the updated
patch I sent to -hackers (which is the same one I sent to you via
private mal).
Also, this should be applied to REL7_2_STABLE as well, IMHO.
Cheers,
Neil
--
Neil Conway <neilc@samurai.com> || PGP Key ID: DB3C29FC