Обсуждение: pgsql: Fix out-of-bounds read in json_lex_string
Fix out-of-bounds read in json_lex_string Commit 3838fa269 added a lookahead loop to allow building strings multiple bytes at a time. This loop could exit because it reached the end of input, yet did not check for that before checking if we reached the end of a valid string. To fix, put the end of string check back in the outer loop. Per Valgrind animal skink Branch ------ master Details ------- https://git.postgresql.org/pg/commitdiff/d3117fc1a3e87717a57be0153408e5387e265e1b Modified Files -------------- src/common/jsonapi.c | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-)
On Tue, Jul 12, 2022 at 11:27 AM John Naylor <john.naylor@postgresql.org> wrote: > > Fix out-of-bounds read in json_lex_string The failure on peripatus (FreeBSD HEAD) seems completely unrelated to the changes in the commit: ld: error: unable to find library -lldap_r clang: error: linker command failed with exit code 1 (use -v to see invocation) gmake[3]: *** [../../../src/Makefile.shlib:258: libpq.so.5] Error 1 -- John Naylor EDB: http://www.enterprisedb.com
John Naylor <john.naylor@enterprisedb.com> writes: > On Tue, Jul 12, 2022 at 11:27 AM John Naylor <john.naylor@postgresql.org> wrote: >> Fix out-of-bounds read in json_lex_string > The failure on peripatus (FreeBSD HEAD) seems completely unrelated to > the changes in the commit: > ld: error: unable to find library -lldap_r Agreed, that looks like some unrelated platform change. Larry? regards, tom lane
I wrote: > John Naylor <john.naylor@enterprisedb.com> writes: >> ld: error: unable to find library -lldap_r > Agreed, that looks like some unrelated platform change. Larry? Upon further thought, this looks like fallout from an upgrade to OpenLDAP 2.5, which eliminated libldap_r. That should be fine, but you might need to blow away the animal's accache files to make configure reconsider the situation. regards, tom lane
On 07/12/2022 1:07 am, Tom Lane wrote: > I wrote: >> John Naylor <john.naylor@enterprisedb.com> writes: >>> ld: error: unable to find library -lldap_r > >> Agreed, that looks like some unrelated platform change. Larry? > > Upon further thought, this looks like fallout from an upgrade to > OpenLDAP 2.5, which eliminated libldap_r. That should be fine, > but you might need to blow away the animal's accache files to > make configure reconsider the situation. > > regards, tom lane I've killed the accache and ccache files, and it's flipped back to OK. Yes, ports deprecated/removed openldap24 and replaced it with openldap26, and the host got updated last night. Sorry for the grief :) -- Larry Rosenman http://www.lerctr.org/~ler Phone: +1 214-642-9640 E-Mail: ler@lerctr.org US Mail: 5708 Sabbia Dr, Round Rock, TX 78665-2106