Обсуждение: [PATCH] Fix off-by-one in PQprintTuples()
Don't write past the end of tborder; the size is width + 1. ---src/interfaces/libpq/fe-print.c | 2 +-1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/interfaces/libpq/fe-print.c b/src/interfaces/libpq/fe-print.c index 076e1cc..7ed489a 100644 --- a/src/interfaces/libpq/fe-print.c +++ b/src/interfaces/libpq/fe-print.c @@ -706,7 +706,7 @@ PQprintTuples(const PGresult *res, fprintf(stderr, libpq_gettext("out of memory\n")); abort(); } - for (i = 0; i <= width; i++) + for (i = 0; i < width; i++) tborder[i] = '-'; tborder[i] = '\0'; fprintf(fout,"%s\n", tborder); -- 1.7.10.4
* Xi Wang (xi.wang@gmail.com) wrote: > Don't write past the end of tborder; the size is width + 1. This whole block of code is woefully without any comments. :( Strictly speaking, it's this: tborder[i] = '\0'; Which ends up writing past the end of the buffer (which is allocated as 'width + 1'). Perhaps we should also change that to be: tborder[width] = '\0'; Thanks, Stephen
Stephen Frost <sfrost@snowman.net> writes: > Strictly speaking, it's this: > tborder[i] = '\0'; > Which ends up writing past the end of the buffer (which is allocated as > 'width + 1'). Perhaps we should also change that to be: > tborder[width] = '\0'; Yeah, I like that better too. Will commit. regards, tom lane