Обсуждение: [PATCH] Fix off-by-one in PQprintTuples()

Don't write past the end of tborder; the size is width + 1.
---src/interfaces/libpq/fe-print.c |    2 +-1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/interfaces/libpq/fe-print.c b/src/interfaces/libpq/fe-print.c
index 076e1cc..7ed489a 100644
--- a/src/interfaces/libpq/fe-print.c
+++ b/src/interfaces/libpq/fe-print.c
@@ -706,7 +706,7 @@ PQprintTuples(const PGresult *res,                fprintf(stderr, libpq_gettext("out of
memory\n"));               abort();            }
 
-            for (i = 0; i <= width; i++)
+            for (i = 0; i < width; i++)                tborder[i] = '-';            tborder[i] = '\0';
fprintf(fout,"%s\n", tborder);
 
-- 
1.7.10.4

* Xi Wang (xi.wang@gmail.com) wrote:
> Don't write past the end of tborder; the size is width + 1.

This whole block of code is woefully without any comments. :(

Strictly speaking, it's this:

tborder[i] = '\0';

Which ends up writing past the end of the buffer (which is allocated as
'width + 1').  Perhaps we should also change that to be:

tborder[width] = '\0';
Thanks,
    Stephen

Stephen Frost <sfrost@snowman.net> writes:
> Strictly speaking, it's this:

> tborder[i] = '\0';

> Which ends up writing past the end of the buffer (which is allocated as
> 'width + 1').  Perhaps we should also change that to be:

> tborder[width] = '\0';

Yeah, I like that better too.  Will commit.
        regards, tom lane