Home > mailing lists

pgsql: Replace a few strncmp() calls with strlcpy(). - Mailing list pgsql-committers

From	Noah Misch
Subject	pgsql: Replace a few strncmp() calls with strlcpy().
Date	August 19, 2014 06:10:19
Msg-id	E1XJZoI-0002vc-7X@gemulon.postgresql.org Whole thread Raw
List	pgsql-committers

Tree view

Replace a few strncmp() calls with strlcpy().

strncmp() is a specialized API unsuited for routine copying into
fixed-size buffers.  On a system where the length of a single filename
can exceed MAXPGPATH, the pg_archivecleanup change prevents a simple
crash in the subsequent strlen().  Few filesystems support names that
long, and calling pg_archivecleanup with untrusted input is still not a
credible use case.  Therefore, no back-patch.

David Rowley

Branch
------
master

Details
-------
http://git.postgresql.org/pg/commitdiff/fb2aece8ae4e6f23310d7c87c7da3fec6f5df3a1

Modified Files
--------------
contrib/pg_archivecleanup/pg_archivecleanup.c |    7 ++++++-
src/backend/access/transam/xlogarchive.c      |    3 ++-
2 files changed, 8 insertions(+), 2 deletions(-)

pgsql-committers by date:

From: Tom Lane
Date: 19 August 2014, 02:19:50
Subject: Re: pgsql: Adjust Release Notes to reflect holding off wrapped expanded mod

From: Noah Misch
Date: 19 August 2014, 06:10:20
Subject: pgsql: Install libpq DLL with $(INSTALL_SHLIB).

pgsql: Replace a few strncmp() calls with strlcpy(). - Mailing list pgsql-committers

Previous

Next