On Tue, Dec 6, 2011 at 17:07, Tom Lane <tgl@sss.pgh.pa.us> wrote:
> Magnus Hagander <magnus@hagander.net> writes:
>> There is some nice precedent in the CREATE TABLESPACE command (though
>> dependent on HAVE_SYMLINK and not HAVE_READLINK), so I'm just going to
>> copy the error message from there.
>
> Fair enough.
>
> Looking at the existing readlink use in port/exec.c, it strikes me that
> another thing you'd better do is include a check for buffer overrun,
> ie the test needs to be more like
>
> rllen = readlink(fname, link_buf, sizeof(link_buf));
> if (rllen < 0 || rllen >= sizeof(link_buf))
> ... fail ...
Seems reasonable, yeah. I'll go put a similar check in the
basebackup.c file as well when I'm done here.
> Also, you're assuming that the result is already null-terminated,
> which is incorrect.
No, I'm not - I'm MemSet()ing the whole buffer to 0 before I start.
But I'll change that to work the same way as the on in port/exec.c,
for consistency.
--
Magnus Hagander
Me: http://www.hagander.net/
Work: http://www.redpill-linpro.com/
