Home > mailing lists

pgsql: port/snprintf(): fix overflow and do padding - Mailing list pgsql-committers

From	Bruce Momjian
Subject	pgsql: port/snprintf(): fix overflow and do padding
Date	February 7, 2015 05:21:19
Msg-id	E1YIIVa-0008OP-KM@gemulon.postgresql.org Whole thread Raw
List	pgsql-committers

Tree view

port/snprintf():  fix overflow and do padding

Prevent port/snprintf() from overflowing its local fixed-size
buffer and pad to the desired number of digits with zeros, even
if the precision is beyond the ability of the native sprintf().
port/snprintf() is only used on systems that lack a native
snprintf().

Reported by Bruce Momjian. Patch by Tom Lane.    Backpatch to all
supported versions.

Security: CVE-2015-0242

Branch
------
master

Details
-------
http://git.postgresql.org/pg/commitdiff/29725b3db67ad3f09da1a7fb6690737d2f8d6c0a

Modified Files
--------------
src/port/snprintf.c |   69 +++++++++++++++++++++++++++++++++++++++++++++------
1 file changed, 62 insertions(+), 7 deletions(-)

pgsql-committers by date:

From: Tom Lane
Date: 07 February 2015, 05:20:59
Subject: pgsql: Last-minute updates for release notes.

From: Heikki Linnakangas
Date: 07 February 2015, 05:21:26
Subject: pgsql: Be more careful to not lose sync in the FE/BE protocol.

pgsql: port/snprintf(): fix overflow and do padding - Mailing list pgsql-committers

Previous

Next