Home > mailing lists

pgsql: Fix out-of-bounds read in json_lex_string - Mailing list pgsql-committers

From	John Naylor
Subject	pgsql: Fix out-of-bounds read in json_lex_string
Date	July 12, 2022 07:27:43
Msg-id	E1oB7Us-002Nic-BI@gemulon.postgresql.org Whole thread Raw
Responses	Re: pgsql: Fix out-of-bounds read in json_lex_string
List	pgsql-committers

Tree view

Fix out-of-bounds read in json_lex_string

Commit 3838fa269 added a lookahead loop to allow building strings multiple
bytes at a time. This loop could exit because it reached the end of input,
yet did not check for that before checking if we reached the end of a
valid string. To fix, put the end of string check back in the outer loop.

Per Valgrind animal skink

Branch
------
master

Details
-------
https://git.postgresql.org/pg/commitdiff/d3117fc1a3e87717a57be0153408e5387e265e1b

Modified Files
--------------
src/common/jsonapi.c | 18 ++++++++++--------
1 file changed, 10 insertions(+), 8 deletions(-)

pgsql-committers by date:

From: John Naylor
Date: 12 July 2022, 03:43:19
Subject: Re: pgsql: Build de-escaped JSON strings in larger chunks during lexing

From: John Naylor
Date: 12 July 2022, 08:44:41
Subject: Re: pgsql: Fix out-of-bounds read in json_lex_string

pgsql: Fix out-of-bounds read in json_lex_string - Mailing list pgsql-committers

Previous

Next