Home > mailing lists

[PATCH] Fix buffer not null terminated on (ecpg lib) - Mailing list pgsql-hackers

From	Ranier Vilela
Subject	[PATCH] Fix buffer not null terminated on (ecpg lib)
Date	April 23, 2020 01:48:07
Msg-id	CAEudQApFOzniNRqCMLYDACU6G=TLuGoL_kH6XtJLgqSSdRwrTw@mail.gmail.com Whole thread Raw
Responses	Re: [PATCH] Fix buffer not null terminated on (ecpg lib)
List	pgsql-hackers

Hi,

strncpy, it is not a safe function and has the risk of corrupting memory.

On ecpg lib, two sources, make use of strncpy risk, this patch tries to fix.

1. Make room for the last null-characte;

2. Copies Maximum number of characters - 1.

per Coverity.

regards,

Ranier Vilela

From: Tom Lane
Date: 23 April 2020, 01:40:07
Subject: Re: More efficient RI checks - take 2

From: Ranier Vilela
Date: 23 April 2020, 01:54:59
Subject: [PATCH] FIx explicit null dereference pointer (nbtree.c)