pgsql: Avoid use of sscanf() to parse ispell dictionary files. - Mailing list pgsql-committers

From Tom Lane
Subject pgsql: Avoid use of sscanf() to parse ispell dictionary files.
Date
Msg-id E1aTf9o-0001ge-L3@gemulon.postgresql.org
Whole thread Raw
List pgsql-committers
Avoid use of sscanf() to parse ispell dictionary files.

It turns out that on FreeBSD-derived platforms (including OS X), the
*scanf() family of functions is pretty much brain-dead about multibyte
characters.  In particular it will apply isspace() to individual bytes
of input even when those bytes are part of a multibyte character, thus
allowing false recognition of a field-terminating space.

We appear to have little alternative other than instituting a coding
rule that *scanf() is not to be used if the input string might contain
multibyte characters.  (There was some discussion of relying on "%ls",
but that probably just moves the portability problem somewhere else,
and besides it doesn't fully prevent BSD *scanf() from using isspace().)

This patch is a down payment on that: it gets rid of use of sscanf()
to parse ispell dictionary files, which are certainly at great risk
of having a problem.  The code is cleaner this way anyway, though
a bit longer.

In passing, improve a few comments.

Report and patch by Artur Zakirov, reviewed and somewhat tweaked by me.
Back-patch to all supported branches.

Branch
------
REL9_4_STABLE

Details
-------
http://git.postgresql.org/pg/commitdiff/19e469410a8ccdc0c0d6cb362a02e35d1bb65c8a

Modified Files
--------------
src/backend/tsearch/spell.c | 166 ++++++++++++++++++++++++++++++++++++++++----
1 file changed, 153 insertions(+), 13 deletions(-)


pgsql-committers by date:

Previous
From: Tom Lane
Date:
Subject: pgsql: Avoid use of sscanf() to parse ispell dictionary files.
Next
From: Tom Lane
Date:
Subject: pgsql: Avoid use of sscanf() to parse ispell dictionary files.