Home > mailing lists

pgsql: Avoid potential buffer overflow crash - Mailing list pgsql-committers

From	Peter Eisentraut
Subject	pgsql: Avoid potential buffer overflow crash
Date	November 23, 2013 17:45:58
Msg-id	E1VkESN-0000f7-IZ@gemulon.postgresql.org Whole thread Raw
List	pgsql-committers

Tree view

Avoid potential buffer overflow crash

A pointer to a C string was treated as a pointer to a "name" datum and
passed to SPI_execute_plan().  This pointer would then end up being
passed through datumCopy(), which would try to copy the entire 64 bytes
of name data, thus running past the end of the C string.  Fix by
converting the string to a proper name structure.

Found by LLVM AddressSanitizer.

Branch
------
REL9_3_STABLE

Details
-------
http://git.postgresql.org/pg/commitdiff/0f8ff3e467b2b52e8c0c44b01a1f9a4495949ba1

Modified Files
--------------
src/backend/utils/adt/ruleutils.c |    2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

pgsql-committers by date:

From: Peter Eisentraut
Date: 23 November 2013, 17:45:37
Subject: pgsql: Fix thinko in SPI_execute_plan() calls

From: Peter Eisentraut
Date: 23 November 2013, 17:46:00
Subject: pgsql: Avoid potential buffer overflow crash

pgsql: Avoid potential buffer overflow crash - Mailing list pgsql-committers

Previous

Next