pgsql: ecpg: Fix zero-termination of string generated by intoasc()
| От | Michael Paquier |
|---|---|
| Тема | pgsql: ecpg: Fix zero-termination of string generated by intoasc() |
| Дата | |
| Msg-id | E1rbtYu-006wQn-3f@gemulon.postgresql.org обсуждение исходный текст |
| Список | pgsql-committers |
ecpg: Fix zero-termination of string generated by intoasc() intoasc(), a wrapper for PGTYPESinterval_to_asc that converts an interval to its textual representation, used a plain memcpy() when copying its result. This could miss a zero-termination in the result string, leading to an incorrect result. The routines in informix.c do not provide the length of their result buffer, which would allow a replacement of strcpy() to safer strlcpy() calls, but this requires an ABI breakage and that cannot happen in back-branches. Author: Oleg Tselebrovskiy Reviewed-by: Ashutosh Bapat Discussion: https://postgr.es/m/bf47888585149f83b276861a1662f7e4@postgrespro.ru Backpatch-through: 12 Branch ------ master Details ------- https://git.postgresql.org/pg/commitdiff/e77a1c58e338a1aebf00e3ae82d282f8bd32fe17 Modified Files -------------- src/interfaces/ecpg/compatlib/informix.c | 2 +- .../ecpg/test/compat_informix/.gitignore | 2 ++ src/interfaces/ecpg/test/compat_informix/Makefile | 3 +- .../ecpg/test/compat_informix/intoasc.pgc | 21 ++++++++++++ .../ecpg/test/compat_informix/meson.build | 1 + src/interfaces/ecpg/test/ecpg_schedule | 1 + .../ecpg/test/expected/compat_informix-intoasc.c | 40 ++++++++++++++++++++++ .../test/expected/compat_informix-intoasc.stderr | 0 .../test/expected/compat_informix-intoasc.stdout | 2 ++ 9 files changed, 70 insertions(+), 2 deletions(-)
В списке pgsql-committers по дате отправления: