Home > mailing lists

pgsql: to_char(): prevent accesses beyond the allocated buffer - Mailing list pgsql-committers

From	Bruce Momjian
Subject	pgsql: to_char(): prevent accesses beyond the allocated buffer
Date	February 7, 2015 05:18:56
Msg-id	E1YIIVa-0008PM-PN@gemulon.postgresql.org Whole thread Raw
List	pgsql-committers

Tree view

to_char():  prevent accesses beyond the allocated buffer

Previously very long field masks for floats could access memory
beyond the existing buffer allocated to hold the result.

Reported by Andres Freund and Peter Geoghegan.    Backpatch to all
supported versions.

Security: CVE-2015-0241

Branch
------
REL9_2_STABLE

Details
-------
http://git.postgresql.org/pg/commitdiff/5ae3bf1af34082f3b53955053ce11a6f20b1b751

Modified Files
--------------
src/backend/utils/adt/formatting.c |    4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)

pgsql-committers by date:

From: Bruce Momjian
Date: 07 February 2015, 05:18:27
Subject: pgsql: port/snprintf(): fix overflow and do padding

From: Heikki Linnakangas
Date: 07 February 2015, 05:19:07
Subject: pgsql: Be more careful to not lose sync in the FE/BE protocol.

pgsql: to_char(): prevent accesses beyond the allocated buffer - Mailing list pgsql-committers

Previous

Next