Home > mailing lists

pgsql: to_char(): prevent accesses beyond the allocated buffer - Mailing list pgsql-committers

From	Bruce Momjian
Subject	pgsql: to_char(): prevent accesses beyond the allocated buffer
Date	February 7, 2015 05:20:03
Msg-id	E1YIIVa-0008Pm-Rc@gemulon.postgresql.org Whole thread Raw
List	pgsql-committers

Tree view

to_char():  prevent accesses beyond the allocated buffer

Previously very long field masks for floats could access memory
beyond the existing buffer allocated to hold the result.

Reported by Andres Freund and Peter Geoghegan.    Backpatch to all
supported versions.

Security: CVE-2015-0241

Branch
------
REL9_1_STABLE

Details
-------
http://git.postgresql.org/pg/commitdiff/037529a11c96a09c85b8bbc443f8301067c0ef22

Modified Files
--------------
src/backend/utils/adt/formatting.c |    4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)

pgsql-committers by date:

From: Heikki Linnakangas
Date: 07 February 2015, 05:19:48
Subject: pgsql: Be more careful to not lose sync in the FE/BE protocol.

From: Bruce Momjian
Date: 07 February 2015, 05:20:07
Subject: pgsql: to_char(): prevent writing beyond the allocated buffer

pgsql: to_char(): prevent accesses beyond the allocated buffer - Mailing list pgsql-committers

Previous

Next