projects / postgresql.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 978894a) | patch
Avoid possibly-unsafe use of Windows' FormatMessage() function.
authorTom Lane <[email protected]>
Tue, 29 Mar 2016 15:54:57 +0000 (11:54 -0400)
committerTom Lane <[email protected]>
Tue, 29 Mar 2016 15:54:57 +0000 (11:54 -0400)
commit491e847380740dac54d4ecae820261bbaa8aee44
tree15f8d8fb2780314b8b0d235c2b9a2f8f5bdcdea8tree
parent978894a41f335ccd21140c559ecdc22f42d2f142commit | diff
Avoid possibly-unsafe use of Windows' FormatMessage() function.

Whenever this function is used with the FORMAT_MESSAGE_FROM_SYSTEM flag,
it's good practice to include FORMAT_MESSAGE_IGNORE_INSERTS as well.
Otherwise, if the message contains any %n insertion markers, the function
will try to fetch argument strings to substitute --- which we are not
passing, possibly leading to a crash.  This is exactly analogous to the
rule about not giving printf() a format string you're not in control of.

Noted and patched by Christian Ullrich.
Back-patch to all supported branches.
src/backend/libpq/auth.c diff | blob | blame | history
src/backend/port/win32/socket.c diff | blob | blame | history
src/interfaces/libpq/fe-auth.c diff | blob | blame | history
src/port/dirmod.c diff | blob | blame | history
This is the main PostgreSQL git repository.