Re: @(#) Mordred Labs advisory 0x0001: Buffer overflow in
| От | Tom Lane |
|---|---|
| Тема | Re: @(#) Mordred Labs advisory 0x0001: Buffer overflow in |
| Дата | |
| Msg-id | 5272.1029850798@sss.pgh.pa.us обсуждение исходный текст |
| Ответ на | Re: @(#) Mordred Labs advisory 0x0001: Buffer overflow in (Vince Vielhaber <vev@michvhf.com>) |
| Список | pgsql-hackers |
Vince Vielhaber <vev@michvhf.com> writes:
> On Mon, 19 Aug 2002, Tom Lane wrote:
>> I'd like to see something done about this fairly soon, but it's not
>> happening for 7.3 ...
> Can we trap and just return an error before it goes into the weeds and
> put the subdividing opaque fix in later?
I don't think there's any quick and dirty solution.
One thing we could probably do in a relatively short amount of time,
considering that we already have one pseudo-type in the system, is to
go ahead and invent the "C string" pseudo-type and then change all the
built-in I/O functions to be declared as taking or returning C string
(as appropriate). We couldn't really do strong type checking on this
yet, because we couldn't expect user-defined types' I/O functions to be
declared correctly for awhile yet, but at least it would plug the hole
for built-in types.
What this needs is someone to do the legwork...
regards, tom lane
В списке pgsql-hackers по дате отправления: