Home > mailing lists

pgsql: to_char(): prevent accesses beyond the allocated buffer - Mailing list pgsql-committers

From	Bruce Momjian
Subject	pgsql: to_char(): prevent accesses beyond the allocated buffer
Date	February 7, 2015 05:17:15
Msg-id	E1YIIVa-0008QC-UC@gemulon.postgresql.org Whole thread Raw
List	pgsql-committers

Tree view

to_char():  prevent accesses beyond the allocated buffer

Previously very long field masks for floats could access memory
beyond the existing buffer allocated to hold the result.

Reported by Andres Freund and Peter Geoghegan.    Backpatch to all
supported versions.

Security: CVE-2015-0241

Branch
------
REL9_0_STABLE

Details
-------
http://git.postgresql.org/pg/commitdiff/611e110aabdf4b5edfed178b34ba662b1549674a

Modified Files
--------------
src/backend/utils/adt/formatting.c |    4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)

pgsql-committers by date:

From: Bruce Momjian
Date: 07 February 2015, 05:16:43
Subject: pgsql: to_char(): prevent accesses beyond the allocated buffer

From: Noah Misch
Date: 07 February 2015, 05:17:22
Subject: pgsql: Fix buffer overrun after incomplete read in pullf_read_max().

pgsql: to_char(): prevent accesses beyond the allocated buffer - Mailing list pgsql-committers

Previous

Next