Home > mailing lists

pgsql: Use snprintf not sprintf in pg_waldump's timestamptz_to_str. - Mailing list pgsql-committers

From	Tom Lane
Subject	pgsql: Use snprintf not sprintf in pg_waldump's timestamptz_to_str.
Date	June 17, 2018 00:59:01
Msg-id	E1fUGPd-0001J8-3v@gemulon.postgresql.org Whole thread Raw
List	pgsql-committers

Tree view

Use snprintf not sprintf in pg_waldump's timestamptz_to_str.

This could only cause an issue if strftime returned a ridiculously
long timezone name, which seems unlikely; and it wouldn't qualify
as a security problem even then, since pg_waldump (nee pg_xlogdump)
is a debug tool not part of the server.  But gcc 8 has started issuing
warnings about it, so let's use snprintf and be safe.

Backpatch to 9.3 where this code was added.

Discussion: https://postgr.es/m/21789.1529170195@sss.pgh.pa.us

Branch
------
REL_10_STABLE

Details
-------
https://git.postgresql.org/pg/commitdiff/18933261589c9547d5c517cdc05f25362cce412a

Modified Files
--------------
src/bin/pg_waldump/compat.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)

pgsql-committers by date:

From: Tom Lane
Date: 17 June 2018, 00:11:19
Subject: pgsql: Fix some minor error-checking oversights inParseFuncOrColumn().

From: Tom Lane
Date: 17 June 2018, 01:34:30
Subject: pgsql: Use -Wno-format-truncation and -Wno-stringop-truncation,if avai

pgsql: Use snprintf not sprintf in pg_waldump's timestamptz_to_str. - Mailing list pgsql-committers

Previous

Next