Re: Overruns (was: 'pgsql/src/backend/lib stringinfo.c')
| От | Bruce Momjian |
|---|---|
| Тема | Re: Overruns (was: 'pgsql/src/backend/lib stringinfo.c') |
| Дата | |
| Msg-id | 199812122103.QAA04669@candle.pha.pa.us обсуждение исходный текст |
| Ответ на | Overruns (was: 'pgsql/src/backend/lib stringinfo.c') (Goran Thyni <goran@bildbasen.se>) |
| Список | pgsql-hackers |
> > Does this remove the need for vsnprintf? > > I don't think so, > vsprintf is still used if 6 places in to src tree, 5 of them is in > the backend. Each of these should be examined to determent wheater > those can be rewritten or if vsnprintf is needed. > > To make matter worse: > > guevara-goran# pwd > /usr/local/src/cvs/pgsql/src > guevara-goran# grep -n sprintf `find .` | wc -l > 875 > guevara-goran# cd backend/ > guevara-goran# grep -n sprintf `find .` | wc -l > 474 > > Their is lot of potential overruns in there, > and since pgsql is a net(-able) server we > should take that seriously. > > I will look closer at these issues as time permits. Added to TODO: * fix any sprintf() overruns* add portable vsnprintf() -- Bruce Momjian | http://www.op.net/~candle maillist@candle.pha.pa.us | (610) 853-3000+ If your life is a hard drive, | 830 Blythe Avenue + Christ can be your backup. | Drexel Hill, Pennsylvania19026
В списке pgsql-hackers по дате отправления: