Home > mailing lists

Re: Interesting message about printf()'s in PostgreSQL - Mailing list pgsql-hackers

From	Christopher Kings-Lynne
Subject	Re: Interesting message about printf()'s in PostgreSQL
Date	August 12, 2002 05:31:39
Msg-id	GNELIHDDFBOCMGBFGEFOKEKFCDAA.chriskl@familyhealth.com.au Whole thread Raw
In response to	Re: Interesting message about printf()'s in PostgreSQL (Tom Lane <tgl@sss.pgh.pa.us>)
Responses	Re: Interesting message about printf()'s in PostgreSQL
List	pgsql-hackers

Tree view

> I've just finished a quick grep through the backend sources for
> "sprintf", and identified the following files as containing possible
> problems:
> src/backend/port/dynloader/freebsd.c

This one is perhaps dodgy.  You ahve this:

static char error_message[BUFSIZ];

Then you have this:
       sprintf(error_message, "dlopen (%s) not supported", file);

Where file isn't restricted in length I think...

So does that mean if you go:

CREATE FUNCTION blah AS '/home/chriskl/[90000 characters here].so' LANGUAGE
'C';

Sort of thing you could crash it?

Chris

pgsql-hackers by date:

From: Don Baccus
Date: 12 August 2002, 05:30:28
Subject: Re: OOP real life example (was Re: Why is MySQL more chosen

From: Tom Lane
Date: 12 August 2002, 05:35:28
Subject: Re: Interesting message about printf()'s in PostgreSQL

Re: Interesting message about printf()'s in PostgreSQL - Mailing list pgsql-hackers

Previous

Next