Thread: recent buffer overruns in plpgsql

recent buffer overruns in plpgsql

From
Roman Neuhauser
Date:
18 February 2005, 15:18:27
I have a few questions regarding (or related to) the recent
SELECT INTO fixes in plpgsql.

* There hasn't been an official announcement as far as I can tell.
  All I could find is a mention in David Fetter's Weekly News.
  Is the risk so low it doesn't warrant informing users?

* What are the plans regarding 8.0.2? For example, FreeBSD users
  who use portaudit cannot install the software ATM because the
  port is marked FORBIDDEN; they're pointed at this page:
  http://www.freebsd.org/ports/portaudit/6b4b0b3f-8127-11d9-a9e7-0001020eed82.html

* What the heck is up with http://developer.postgresql.org/cvsweb.cgi ?
  The revisions in $PostgreSQL$ keywords in diffs are off by one:
  requesting /pgsql/src/pl/plpgsql/src/gram.y.diff?r1=1.64.4.1;r2=1.64.4.3
  gives me

--- pgsql/src/pl/plpgsql/src/gram.y 2005/01/21 00:17:02 1.64.4.1
+++ pgsql/src/pl/plpgsql/src/gram.y 2005/02/08 18:21:59 1.64.4.3
@@ -4,7 +4,7 @@
  *                       procedural language
  *
  * IDENTIFICATION
- *   $PostgreSQL: pgsql/src/pl/plpgsql/src/gram.y,v 1.64 2004/10/25 06:27:21 neilc Exp $
+ *   $PostgreSQL: pgsql/src/pl/plpgsql/src/gram.y,v 1.64.4.2 2005/02/07 03:52:22 neilc Exp $

--
If you cc me or remove the list(s) completely I'll most likely ignore
your message.    see http://www.eyrie.org./~eagle/faqs/questions.html