Quick Links

pgsql: to_char(): prevent writing beyond the allocated buffer

From:	Bruce Momjian <bruce(at)momjian(dot)us>
To:	pgsql-committers(at)postgresql(dot)org
Subject:	pgsql: to_char(): prevent writing beyond the allocated buffer
Date:	2015-02-02 15:01:50
Message-ID:	[email protected]
Views:	Whole Thread \| Raw Message \| Download mbox \| Resend email
Thread:
Lists:	pgsql-committers

to_char(): prevent writing beyond the allocated buffer

Previously very long localized month and weekday strings could
overflow the allocated buffers, causing a server crash.

Reported and patch reviewed by Noah Misch. Backpatch to all
supported versions.

Security: CVE-2015-0241

Branch
------
master

Details
-------
http://git.postgresql.org/pg/commitdiff/9241c84cbcb82174a7d986242f233aa6472c1129

Modified Files
--------------
src/backend/utils/adt/formatting.c | 139 ++++++++++++++++++++++++++++++++----
1 file changed, 125 insertions(+), 14 deletions(-)

Browse pgsql-committers by date

	From	Date	Subject
Next Message	Heikki Linnakangas	2015-02-02 15:18:15	pgsql: Be more careful to not lose sync in the FE/BE protocol.
Previous Message	Tom Lane	2015-02-02 05:19:43	pgsql: Doc: fix syntax description for psql's \setenv.