Code coverage for most pg_mblen* calls.
A security patch changed them today, so close the coverage gap now.
Test that buffer overrun is avoided when pg_mblen*() requires more
than the number of bytes remaining.
This does not cover the calls in dict_thesaurus.c or in dict_synonym.c.
That code is straightforward. To change that code's input, one must
have access to modify installed OS files, so low-privilege users are not
a threat. Testing this would likewise require changing installed
share/postgresql/tsearch_data, which was enough of an obstacle to not
bother.
Security: CVE-2026-2006
Backpatch-through: 14
Co-authored-by: Thomas Munro <thomas.munro@gmail.com>
Co-authored-by: Noah Misch <noah@leadboat.com>
Reviewed-by: Heikki Linnakangas <hlinnaka@iki.fi>
Branch
------
REL_15_STABLE
Details
-------
https://git.postgresql.org/pg/commitdiff/757bf8145e243b4ad1a76460264f6f4df7e0fb1f
Modified Files
--------------
contrib/pg_trgm/Makefile | 2 +-
contrib/pg_trgm/data/trgm_utf8.data | 50 ++++
contrib/pg_trgm/expected/pg_utf8_trgm.out | 8 +
contrib/pg_trgm/expected/pg_utf8_trgm_1.out | 3 +
contrib/pg_trgm/sql/pg_utf8_trgm.sql | 9 +
src/backend/utils/adt/arrayfuncs.c | 161 +++++++++++
src/include/utils/array.h | 4 +
src/test/regress/expected/encoding.out | 401 ++++++++++++++++++++++++++++
src/test/regress/expected/encoding_1.out | 4 +
src/test/regress/expected/euc_kr.out | 16 ++
src/test/regress/expected/euc_kr_1.out | 6 +
src/test/regress/parallel_schedule | 2 +-
src/test/regress/regress.c | 139 ++++++++++
src/test/regress/sql/encoding.sql | 228 ++++++++++++++++
src/test/regress/sql/euc_kr.sql | 12 +
15 files changed, 1043 insertions(+), 2 deletions(-)
