pgsql: Protect against overflow of ltree.numlevel and lquery.numlevel.
| От | Tom Lane |
|---|---|
| Тема | pgsql: Protect against overflow of ltree.numlevel and lquery.numlevel. |
| Дата | |
| Msg-id | E1jIIiZ-0003Hr-BZ@gemulon.postgresql.org обсуждение исходный текст |
| Список | pgsql-committers |
Protect against overflow of ltree.numlevel and lquery.numlevel. These uint16 fields could be overflowed by excessively long input, producing strange results. Complain for invalid input. Likewise check for out-of-range values of the repeat counts in lquery. (We don't try too hard on that one, notably not bothering to detect if atoi's result has overflowed.) Also detect length overflow in ltree_concat. In passing, be more consistent about whether "syntax error" messages include the type name. Also, clarify the documentation about what the size limit is. This has been broken for a long time, so back-patch to all supported branches. Nikita Glukhov, reviewed by Benjie Gillam and Tomas Vondra Discussion: https://postgr.es/m/CAP_rww=waX2Oo6q+MbMSiZ9ktdj6eaJj0cQzNu=Ry2cCDij5fw@mail.gmail.com Branch ------ REL_12_STABLE Details ------- https://git.postgresql.org/pg/commitdiff/2bb6bdbe5da77eab44abf6512779a4aa04419700 Modified Files -------------- contrib/ltree/expected/ltree.out | 46 ++++++++++++++++++++++++++++++++++ contrib/ltree/ltree.h | 2 ++ contrib/ltree/ltree_io.c | 54 ++++++++++++++++++++++++++-------------- contrib/ltree/ltree_op.c | 9 ++++++- contrib/ltree/sql/ltree.sql | 11 ++++++++ doc/src/sgml/ltree.sgml | 3 +-- 6 files changed, 104 insertions(+), 21 deletions(-)
В списке pgsql-committers по дате отправления: