-
- Downloads
Tweak libpq to avoid crashing due to incorrect buffer size calculation when
we are on a 64-bit machine (ie, size_t is wider than int) and someone passes in a query string that approaches or exceeds INT_MAX bytes. Also, just for paranoia's sake, guard against similar overflows in sizing the input buffer. The backend will not in the foreseeable future be prepared to send or receive strings exceeding 1GB, so I didn't take the more invasive step of switching all the buffer index variables from int to size_t; though someday we might want to do that. I have a suspicion that this is not the only such bug in libpq, but this fix is enough to take care of the crash reported by Francisco Reyes.
Showing
- src/interfaces/libpq/fe-connect.c 3 additions, 2 deletionssrc/interfaces/libpq/fe-connect.c
- src/interfaces/libpq/fe-exec.c 3 additions, 2 deletionssrc/interfaces/libpq/fe-exec.c
- src/interfaces/libpq/fe-misc.c 14 additions, 14 deletionssrc/interfaces/libpq/fe-misc.c
- src/interfaces/libpq/fe-protocol3.c 7 additions, 4 deletionssrc/interfaces/libpq/fe-protocol3.c
- src/interfaces/libpq/libpq-int.h 3 additions, 3 deletionssrc/interfaces/libpq/libpq-int.h
Loading
Please register or sign in to comment