pgsql: Protect against overflow of ltree.numlevel and lquery.numlevel.
| От | Tom Lane |
|---|---|
| Тема | pgsql: Protect against overflow of ltree.numlevel and lquery.numlevel. |
| Дата | |
| Msg-id | E1jIIiZ-0003Hx-CR@gemulon.postgresql.org обсуждение исходный текст |
| Список | pgsql-committers |
Protect against overflow of ltree.numlevel and lquery.numlevel. These uint16 fields could be overflowed by excessively long input, producing strange results. Complain for invalid input. Likewise check for out-of-range values of the repeat counts in lquery. (We don't try too hard on that one, notably not bothering to detect if atoi's result has overflowed.) Also detect length overflow in ltree_concat. In passing, be more consistent about whether "syntax error" messages include the type name. Also, clarify the documentation about what the size limit is. This has been broken for a long time, so back-patch to all supported branches. Nikita Glukhov, reviewed by Benjie Gillam and Tomas Vondra Discussion: https://postgr.es/m/CAP_rww=waX2Oo6q+MbMSiZ9ktdj6eaJj0cQzNu=Ry2cCDij5fw@mail.gmail.com Branch ------ REL_10_STABLE Details ------- https://git.postgresql.org/pg/commitdiff/2618ac6c6535171f4993a38e3410955e1c2a2073 Modified Files -------------- contrib/ltree/expected/ltree.out | 46 ++++++++++++++++++++++++++++++++++ contrib/ltree/ltree.h | 2 ++ contrib/ltree/ltree_io.c | 54 ++++++++++++++++++++++++++-------------- contrib/ltree/ltree_op.c | 9 ++++++- contrib/ltree/sql/ltree.sql | 11 ++++++++ doc/src/sgml/ltree.sgml | 3 +-- 6 files changed, 104 insertions(+), 21 deletions(-)
В списке pgsql-committers по дате отправления: