Home > mailing lists

Re: Unbounded %s in sscanf - Mailing list pgsql-hackers

From	Daniel Gustafsson
Subject	Re: Unbounded %s in sscanf
Date	June 28, 2021 17:45:53
Msg-id	FC507F06-7199-435C-A3EF-0087278E44E8@yesql.se Whole thread Raw
In response to	Re: Unbounded %s in sscanf (Tom Lane <tgl@sss.pgh.pa.us>)
Responses	Re: Unbounded %s in sscanf (Daniel Gustafsson <daniel@yesql.se>)
List	pgsql-hackers

Tree view

> On 28 Jun 2021, at 16:02, Tom Lane <tgl@sss.pgh.pa.us> wrote:

> Ugh.  Shouldn't we instead modify the format to read not more than
> two characters?  Even if this is safe on non-malicious input, it
> doesn't seem like good style.

No disagreement, I was only basing it on what is in the tree.  I would propose
that we change the sscanf in _LoadBlobs() too though to eliminate all such
callsites, even though that one is even safer.  I'll prepare a patch once more
caffeine has been ingested.

--
Daniel Gustafsson        https://vmware.com/

pgsql-hackers by date:

From: Tom Lane
Date: 28 June 2021, 17:44:42
Subject: Re: pgindent run

From: Andrew Dunstan
Date: 28 June 2021, 17:50:56
Subject: Re: pgindent run

Re: Unbounded %s in sscanf - Mailing list pgsql-hackers

Previous

Next