Home > mailing lists

pgsql: Avoid reading past datum end when parsing JSON. - Mailing list pgsql-committers

From	Noah Misch
Subject	pgsql: Avoid reading past datum end when parsing JSON.
Date	June 13, 2013 04:55:05
Msg-id	E1Umuui-0007kp-SV@gemulon.postgresql.org Whole thread Raw
List	pgsql-committers

Tree view

Avoid reading past datum end when parsing JSON.

Several loops in the JSON parser examined a byte in memory just before
checking whether its address was in-bounds, so they could read one byte
beyond the datum's allocation.  A SIGSEGV is possible.  New in 9.3, so
no back-patch.

Branch
------
master

Details
-------
http://git.postgresql.org/pg/commitdiff/66008564f8ce570f7ad6368fbde2138e946d328b

Modified Files
--------------
src/backend/utils/adt/json.c |   21 +++++++++++++--------
1 file changed, 13 insertions(+), 8 deletions(-)

pgsql-committers by date:

From: Tom Lane
Date: 13 June 2013, 00:53:57
Subject: pgsql: Improve updatability checking for views and foreign tables.

From: Noah Misch
Date: 13 June 2013, 04:55:09
Subject: pgsql: Don't use ordinary NULL-terminated strings as Name datums.

pgsql: Avoid reading past datum end when parsing JSON. - Mailing list pgsql-committers

Previous

Next