Home > mailing lists

pgsql: Avoid potential buffer overflow crash - Mailing list pgsql-committers

From	Peter Eisentraut
Subject	pgsql: Avoid potential buffer overflow crash
Date	November 23, 2013 17:46:00
Msg-id	E1VkESN-0000fL-R8@gemulon.postgresql.org Whole thread Raw
List	pgsql-committers

Tree view

Avoid potential buffer overflow crash

A pointer to a C string was treated as a pointer to a "name" datum and
passed to SPI_execute_plan().  This pointer would then end up being
passed through datumCopy(), which would try to copy the entire 64 bytes
of name data, thus running past the end of the C string.  Fix by
converting the string to a proper name structure.

Found by LLVM AddressSanitizer.

Branch
------
REL8_4_STABLE

Details
-------
http://git.postgresql.org/pg/commitdiff/240766a6ecbb2e523fe0a2a43feb949f6fe6521d

Modified Files
--------------
src/backend/utils/adt/ruleutils.c |    2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

pgsql-committers by date:

From: Peter Eisentraut
Date: 23 November 2013, 17:45:58
Subject: pgsql: Avoid potential buffer overflow crash

From: Tom Lane
Date: 24 November 2013, 02:25:41
Subject: pgsql: Ensure _dosmaperr() actually sets errno correctly.

pgsql: Avoid potential buffer overflow crash - Mailing list pgsql-committers

Previous

Next