Home > mailing lists

pgsql: Avoid potential buffer overflow crash - Mailing list pgsql-committers

From	Peter Eisentraut
Subject	pgsql: Avoid potential buffer overflow crash
Date	November 23, 2013 17:45:32
Msg-id	E1VkESN-0000f1-Cu@gemulon.postgresql.org Whole thread Raw
List	pgsql-committers

Tree view

Avoid potential buffer overflow crash

A pointer to a C string was treated as a pointer to a "name" datum and
passed to SPI_execute_plan().  This pointer would then end up being
passed through datumCopy(), which would try to copy the entire 64 bytes
of name data, thus running past the end of the C string.  Fix by
converting the string to a proper name structure.

Found by LLVM AddressSanitizer.

Branch
------
master

Details
-------
http://git.postgresql.org/pg/commitdiff/4053189d594a5eb1949bba26766fdb0de837e255

Modified Files
--------------
src/backend/utils/adt/ruleutils.c |    2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

pgsql-committers by date:

From: Peter Eisentraut
Date: 23 November 2013, 17:45:26
Subject: pgsql: Avoid potential buffer overflow crash

From: Peter Eisentraut
Date: 23 November 2013, 17:45:37
Subject: pgsql: Fix thinko in SPI_execute_plan() calls

pgsql: Avoid potential buffer overflow crash - Mailing list pgsql-committers

Previous

Next