Thread: BUG #1189: unbounded string copy in postmaster

BUG #1189: unbounded string copy in postmaster

From: "PostgreSQL Bugs List"
Date:
The following bug has been logged online:

Bug reference:      1189
Logged by:          George Gal
Email address:      ggal@vsecurity.com
PostgreSQL version: 7.4
Operating system:   FreeBSD 5.2 (Current)
Description:        unbounded string copy in postmaster

Details:

Looks like the -o command line option doesn't perform any bounds checking on
the option before copying to the ExtraOptions[1024] char array. [line 529 of
postmaster.c]

Re: BUG #1189: unbounded string copy in postmaster

From: Tom Lane
Date:
"PostgreSQL Bugs List" <pgsql-bugs@postgresql.org> writes:
> Looks like the -o command line option doesn't perform any bounds checking on
> the option before copying to the ExtraOptions[1024] char array. [line 529 of
> postmaster.c]

I cannot get super excited about this, since the person or script
starting the postmaster has to be trusted anyway.  But I've tweaked
the code to prevent a buffer overrun here.

            regards, tom lane
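
The kind of bounds check the report says is missing, as an added example; it is not PostgreSQL source and not the change Tom Lane committed. The helper name `append_extra_option`, the constant `EXTRA_OPTIONS_SIZE` and the sample option strings are assumptions made for illustration; only the 1024-byte buffer size comes from the report.

```c
#include <stdio.h>
#include <string.h>

#define EXTRA_OPTIONS_SIZE 1024    /* buffer size named in the report */

/*
 * Append " <opt>" to the NUL-terminated string held in buf (bufsize bytes).
 * Returns 0 on success. Returns -1 and leaves buf unchanged when the result
 * plus its terminating NUL would not fit, or when buf is not terminated.
 * Hypothetical helper, not a PostgreSQL function.
 */
int append_extra_option(char *buf, size_t bufsize, const char *opt)
{
    const char *end = memchr(buf, '\0', bufsize);
    size_t used, need;

    if (end == NULL)                 /* no terminator inside the buffer */
        return -1;
    used = (size_t)(end - buf);
    need = strlen(opt) + 1;          /* separating space + option text */
    if (need >= bufsize - used)      /* one byte must remain for the NUL */
        return -1;
    buf[used] = ' ';
    memcpy(buf + used + 1, opt, need - 1);
    buf[used + need] = '\0';
    return 0;
}

int main(void)
{
    char extra[EXTRA_OPTIONS_SIZE] = "";
    char big[2 * EXTRA_OPTIONS_SIZE];          /* constructed oversized value */
    /* Constructed sample values standing in for repeated -o arguments. */
    const char *ok[] = { "-c geqo=off", "-c enable_seqscan=off" };
    size_t i;

    memset(big, 'A', sizeof(big) - 1);
    big[sizeof(big) - 1] = '\0';

    for (i = 0; i < sizeof(ok) / sizeof(ok[0]); i++)
        if (append_extra_option(extra, sizeof(extra), ok[i]) != 0)
            return 1;
    /* The oversized value must be refused instead of overrunning extra[]. */
    if (append_extra_option(extra, sizeof(extra), big) == 0)
        return 1;
    printf("accumulated options:%s\n", extra);
    return 0;
}
```

Rejecting an oversized option outright, instead of silently truncating it, avoids handing a half-cut argument string on to the backend.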