From 81dfa2ce4328c44201a70a9dc3517bd356698069 Mon Sep 17 00:00:00 2001
From: Bruce Momjian <bruce@momjian.us>
Date: Wed, 28 Aug 2002 20:46:24 +0000
Subject: [PATCH] backend where a statically sized buffer is written to. Most
of these should be pretty safe in practice, but it's probably better to be
safe than sorry.
I was actually looking for cases where NAMEDATALEN is assumed to be
32, but only found one. That's fixed too, as well as a few bits of
code cleanup.
Neil Conway
---
src/backend/executor/execMain.c | 4 ++--
src/backend/optimizer/plan/planner.c | 4 ++--
src/backend/parser/analyze.c | 4 ++--
src/backend/parser/gram.y | 4 ++--
src/backend/utils/adt/mac.c | 4 ++--
src/backend/utils/adt/tid.c | 4 ++--
src/backend/utils/adt/varlena.c | 12 +++++-------
src/bin/pg_dump/pg_backup_tar.c | 6 ++----
src/bin/pg_dump/pg_backup_tar.h | 10 +++++-----
src/bin/psql/print.c | 6 +++---
src/interfaces/cli/example2.c | 2 +-
src/pl/plpgsql/src/gram.y | 6 +++---
src/pl/plpgsql/src/pl_comp.c | 4 ++--
13 files changed, 33 insertions(+), 37 deletions(-)
diff --git a/src/backend/executor/execMain.c b/src/backend/executor/execMain.c
index 0b9bb86578a..7a6e1c69956 100644
--- a/src/backend/executor/execMain.c
+++ b/src/backend/executor/execMain.c
@@ -27,7 +27,7 @@
*
*
* IDENTIFICATION
- * $Header: /cvsroot/pgsql/src/backend/executor/execMain.c,v 1.174 2002/08/15 16:36:02 momjian Exp $
+ * $Header: /cvsroot/pgsql/src/backend/executor/execMain.c,v 1.175 2002/08/28 20:46:22 momjian Exp $
*
*-------------------------------------------------------------------------
*/
@@ -545,7 +545,7 @@ InitPlan(CmdType operation, Query *parseTree, Plan *plan, EState *estate)
erm = (execRowMark *) palloc(sizeof(execRowMark));
erm->relation = relation;
erm->rti = rti;
- sprintf(erm->resname, "ctid%u", rti);
+ snprintf(erm->resname, 32, "ctid%u", rti);
estate->es_rowMark = lappend(estate->es_rowMark, erm);
}
}
diff --git a/src/backend/optimizer/plan/planner.c b/src/backend/optimizer/plan/planner.c
index 999702a05a9..b55f8380d47 100644
--- a/src/backend/optimizer/plan/planner.c
+++ b/src/backend/optimizer/plan/planner.c
@@ -8,7 +8,7 @@
*
*
* IDENTIFICATION
- * $Header: /cvsroot/pgsql/src/backend/optimizer/plan/planner.c,v 1.122 2002/06/20 20:29:31 momjian Exp $
+ * $Header: /cvsroot/pgsql/src/backend/optimizer/plan/planner.c,v 1.123 2002/08/28 20:46:23 momjian Exp $
*
*-------------------------------------------------------------------------
*/
@@ -961,7 +961,7 @@ grouping_planner(Query *parse, double tuple_fraction)
TargetEntry *ctid;
resname = (char *) palloc(32);
- sprintf(resname, "ctid%u", rti);
+ snprintf(resname, 32, "ctid%u", rti);
resdom = makeResdom(length(tlist) + 1,
TIDOID,
-1,
diff --git a/src/backend/parser/analyze.c b/src/backend/parser/analyze.c
index ffa371d9260..514573b79a6 100644
--- a/src/backend/parser/analyze.c
+++ b/src/backend/parser/analyze.c
@@ -6,7 +6,7 @@
* Portions Copyright (c) 1996-2002, PostgreSQL Global Development Group
* Portions Copyright (c) 1994, Regents of the University of California
*
- * $Header: /cvsroot/pgsql/src/backend/parser/analyze.c,v 1.244 2002/08/27 04:55:07 tgl Exp $
+ * $Header: /cvsroot/pgsql/src/backend/parser/analyze.c,v 1.245 2002/08/28 20:46:23 momjian Exp $
*
*-------------------------------------------------------------------------
*/
@@ -2157,7 +2157,7 @@ transformSetOperationTree(ParseState *pstate, SelectStmt *stmt)
/*
* Make the leaf query be a subquery in the top-level rangetable.
*/
- sprintf(selectName, "*SELECT* %d", length(pstate->p_rtable) + 1);
+ snprintf(selectName, 32, "*SELECT* %d", length(pstate->p_rtable) + 1);
rte = addRangeTableEntryForSubquery(pstate,
selectQuery,
makeAlias(selectName, NIL),
diff --git a/src/backend/parser/gram.y b/src/backend/parser/gram.y
index 7fcc01a38f6..561145bb97d 100644
--- a/src/backend/parser/gram.y
+++ b/src/backend/parser/gram.y
@@ -11,7 +11,7 @@
*
*
* IDENTIFICATION
- * $Header: /cvsroot/pgsql/src/backend/parser/gram.y,v 2.362 2002/08/28 14:35:37 momjian Exp $
+ * $Header: /cvsroot/pgsql/src/backend/parser/gram.y,v 2.363 2002/08/28 20:46:23 momjian Exp $
*
* HISTORY
* AUTHOR DATE MAJOR EVENT
@@ -2096,7 +2096,7 @@ TriggerFuncArg:
ICONST
{
char buf[64];
- sprintf (buf, "%d", $1);
+ snprintf (buf, sizeof(buf), "%d", $1);
$$ = makeString(pstrdup(buf));
}
| FCONST { $$ = makeString($1); }
diff --git a/src/backend/utils/adt/mac.c b/src/backend/utils/adt/mac.c
index 832c5cb4f84..c12163921db 100644
--- a/src/backend/utils/adt/mac.c
+++ b/src/backend/utils/adt/mac.c
@@ -1,7 +1,7 @@
/*
* PostgreSQL type definitions for MAC addresses.
*
- * $Header: /cvsroot/pgsql/src/backend/utils/adt/mac.c,v 1.24 2002/06/17 07:00:26 momjian Exp $
+ * $Header: /cvsroot/pgsql/src/backend/utils/adt/mac.c,v 1.25 2002/08/28 20:46:24 momjian Exp $
*/
#include "postgres.h"
@@ -80,7 +80,7 @@ macaddr_out(PG_FUNCTION_ARGS)
result = (char *) palloc(32);
- sprintf(result, "%02x:%02x:%02x:%02x:%02x:%02x",
+ snprintf(result, 32, "%02x:%02x:%02x:%02x:%02x:%02x",
addr->a, addr->b, addr->c, addr->d, addr->e, addr->f);
PG_RETURN_CSTRING(result);
diff --git a/src/backend/utils/adt/tid.c b/src/backend/utils/adt/tid.c
index 5a784a44768..bd642a26e97 100644
--- a/src/backend/utils/adt/tid.c
+++ b/src/backend/utils/adt/tid.c
@@ -8,7 +8,7 @@
*
*
* IDENTIFICATION
- * $Header: /cvsroot/pgsql/src/backend/utils/adt/tid.c,v 1.33 2002/08/15 16:36:05 momjian Exp $
+ * $Header: /cvsroot/pgsql/src/backend/utils/adt/tid.c,v 1.34 2002/08/28 20:46:24 momjian Exp $
*
* NOTES
* input routine largely stolen from boxin().
@@ -101,7 +101,7 @@ tidout(PG_FUNCTION_ARGS)
blockNumber = BlockIdGetBlockNumber(blockId);
offsetNumber = itemPtr->ip_posid;
- sprintf(buf, "(%u,%u)", blockNumber, offsetNumber);
+ snprintf(buf, sizeof(buf), "(%u,%u)", blockNumber, offsetNumber);
PG_RETURN_CSTRING(pstrdup(buf));
}
diff --git a/src/backend/utils/adt/varlena.c b/src/backend/utils/adt/varlena.c
index 9f8a4d563ee..52598aba9e8 100644
--- a/src/backend/utils/adt/varlena.c
+++ b/src/backend/utils/adt/varlena.c
@@ -8,7 +8,7 @@
*
*
* IDENTIFICATION
- * $Header: /cvsroot/pgsql/src/backend/utils/adt/varlena.c,v 1.88 2002/08/22 03:24:00 momjian Exp $
+ * $Header: /cvsroot/pgsql/src/backend/utils/adt/varlena.c,v 1.89 2002/08/28 20:46:24 momjian Exp $
*
*-------------------------------------------------------------------------
*/
@@ -1787,12 +1787,11 @@ to_hex32(PG_FUNCTION_ARGS)
{
static char digits[] = "0123456789abcdef";
char buf[32]; /* bigger than needed, but reasonable */
- char *ptr,
- *end;
+ char *ptr;
text *result_text;
int32 value = PG_GETARG_INT32(0);
- end = ptr = buf + sizeof(buf) - 1;
+ ptr = buf + sizeof(buf) - 1;
*ptr = '\0';
do
@@ -1814,12 +1813,11 @@ to_hex64(PG_FUNCTION_ARGS)
{
static char digits[] = "0123456789abcdef";
char buf[32]; /* bigger than needed, but reasonable */
- char *ptr,
- *end;
+ char *ptr;
text *result_text;
int64 value = PG_GETARG_INT64(0);
- end = ptr = buf + sizeof(buf) - 1;
+ ptr = buf + sizeof(buf) - 1;
*ptr = '\0';
do
diff --git a/src/bin/pg_dump/pg_backup_tar.c b/src/bin/pg_dump/pg_backup_tar.c
index 38c84d9b482..87f53e17d55 100644
--- a/src/bin/pg_dump/pg_backup_tar.c
+++ b/src/bin/pg_dump/pg_backup_tar.c
@@ -16,7 +16,7 @@
*
*
* IDENTIFICATION
- * $Header: /cvsroot/pgsql/src/bin/pg_dump/pg_backup_tar.c,v 1.25 2002/08/20 17:54:44 petere Exp $
+ * $Header: /cvsroot/pgsql/src/bin/pg_dump/pg_backup_tar.c,v 1.26 2002/08/28 20:46:24 momjian Exp $
*
*-------------------------------------------------------------------------
*/
@@ -1189,12 +1189,10 @@ static void
_tarWriteHeader(TAR_MEMBER *th)
{
char h[512];
- int i;
int lastSum = 0;
int sum;
- for (i = 0; i < 512; i++)
- h[i] = '\0';
+ memset(h, 0, sizeof(h));
/* Name 100 */
sprintf(&h[0], "%.99s", th->targetFile);
diff --git a/src/bin/pg_dump/pg_backup_tar.h b/src/bin/pg_dump/pg_backup_tar.h
index a183e248996..bfaa456a161 100644
--- a/src/bin/pg_dump/pg_backup_tar.h
+++ b/src/bin/pg_dump/pg_backup_tar.h
@@ -1,10 +1,10 @@
/*
- * $Header: /cvsroot/pgsql/src/bin/pg_dump/pg_backup_tar.h,v 1.3 2001/03/22 04:00:14 momjian Exp $
+ * $Header: /cvsroot/pgsql/src/bin/pg_dump/pg_backup_tar.h,v 1.4 2002/08/28 20:46:24 momjian Exp $
*
* TAR Header
*
* Offset Length Contents
- * 0 100 bytes File name ('\0' terminated, 99 maxmum length)
+ * 0 100 bytes File name ('\0' terminated, 99 maximum length)
* 100 8 bytes File mode (in octal ascii)
* 108 8 bytes User ID (in octal ascii)
* 116 8 bytes Group ID (in octal ascii)
@@ -12,10 +12,10 @@
* 136 12 bytes Modify time (in octal ascii)
* 148 8 bytes Header checksum (in octal ascii)
* 156 1 bytes Link flag
- * 157 100 bytes Linkname ('\0' terminated, 99 maxmum length)
+ * 157 100 bytes Linkname ('\0' terminated, 99 maximum length)
* 257 8 bytes Magic ("ustar \0")
- * 265 32 bytes User name ('\0' terminated, 31 maxmum length)
- * 297 32 bytes Group name ('\0' terminated, 31 maxmum length)
+ * 265 32 bytes User name ('\0' terminated, 31 maximum length)
+ * 297 32 bytes Group name ('\0' terminated, 31 maximum length)
* 329 8 bytes Major device ID (in octal ascii)
* 337 8 bytes Minor device ID (in octal ascii)
* 345 167 bytes Padding
diff --git a/src/bin/psql/print.c b/src/bin/psql/print.c
index f8dd092d677..bd0366528f5 100644
--- a/src/bin/psql/print.c
+++ b/src/bin/psql/print.c
@@ -3,7 +3,7 @@
*
* Copyright 2000 by PostgreSQL Global Development Group
*
- * $Header: /cvsroot/pgsql/src/bin/psql/print.c,v 1.29 2002/08/27 20:16:48 petere Exp $
+ * $Header: /cvsroot/pgsql/src/bin/psql/print.c,v 1.30 2002/08/28 20:46:24 momjian Exp $
*/
#include "postgres_fe.h"
#include "print.h"
@@ -494,9 +494,9 @@ print_aligned_vertical(const char *title, const char *const * headers,
}
if (opt_border == 0)
- sprintf(record_str, "* Record %d", record++);
+ snprintf(record_str, 32, "* Record %d", record++);
else
- sprintf(record_str, "[ RECORD %d ]", record++);
+ snprintf(record_str, 32, "[ RECORD %d ]", record++);
record_str_len = strlen(record_str);
if (record_str_len + opt_border > strlen(divider))
diff --git a/src/interfaces/cli/example2.c b/src/interfaces/cli/example2.c
index 42a63e5b503..6a4fb56c732 100644
--- a/src/interfaces/cli/example2.c
+++ b/src/interfaces/cli/example2.c
@@ -56,7 +56,7 @@ example2(SQLCHAR *server, SQLCHAR *uid, SQLCHAR *authen, SQLCHAR *sqlstr)
SQLHDBC hdbc;
SQLHSTMT hstmt;
SQLCHAR errmsg[256];
- SQLCHAR colname[32];
+ SQLCHAR colname[64];
SQLSMALLINT coltype;
SQLSMALLINT colnamelen;
SQLSMALLINT nullable;
diff --git a/src/pl/plpgsql/src/gram.y b/src/pl/plpgsql/src/gram.y
index 0a181cd07e2..75d0a0b07a2 100644
--- a/src/pl/plpgsql/src/gram.y
+++ b/src/pl/plpgsql/src/gram.y
@@ -4,7 +4,7 @@
* procedural language
*
* IDENTIFICATION
- * $Header: /cvsroot/pgsql/src/pl/plpgsql/src/gram.y,v 1.34 2002/08/08 01:36:04 tgl Exp $
+ * $Header: /cvsroot/pgsql/src/pl/plpgsql/src/gram.y,v 1.35 2002/08/28 20:46:24 momjian Exp $
*
* This software is copyrighted by Jan Wieck - Hamburg.
*
@@ -1594,7 +1594,7 @@ read_sql_construct(int until,
{
case T_VARIABLE:
params[nparams] = yylval.variable->dno;
- sprintf(buf, " $%d ", ++nparams);
+ snprintf(buf, sizeof(buf), " $%d ", ++nparams);
plpgsql_dstring_append(&ds, buf);
break;
@@ -1791,7 +1791,7 @@ make_select_stmt(void)
{
case T_VARIABLE:
params[nparams] = yylval.variable->dno;
- sprintf(buf, " $%d ", ++nparams);
+ snprintf(buf, sizeof(buf), " $%d ", ++nparams);
plpgsql_dstring_append(&ds, buf);
break;
diff --git a/src/pl/plpgsql/src/pl_comp.c b/src/pl/plpgsql/src/pl_comp.c
index c85207780f1..70f1de470c9 100644
--- a/src/pl/plpgsql/src/pl_comp.c
+++ b/src/pl/plpgsql/src/pl_comp.c
@@ -3,7 +3,7 @@
* procedural language
*
* IDENTIFICATION
- * $Header: /cvsroot/pgsql/src/pl/plpgsql/src/pl_comp.c,v 1.47 2002/08/22 00:01:50 tgl Exp $
+ * $Header: /cvsroot/pgsql/src/pl/plpgsql/src/pl_comp.c,v 1.48 2002/08/28 20:46:24 momjian Exp $
*
* This software is copyrighted by Jan Wieck - Hamburg.
*
@@ -249,7 +249,7 @@ plpgsql_compile(Oid fn_oid, int functype)
{
char buf[32];
- sprintf(buf, "$%d", i + 1); /* name for variable */
+ snprintf(buf, sizeof(buf), "$%d", i + 1); /* name for variable */
/*
* Get the parameters type
--
GitLab