rdelaage
/
postgresql
mirror of https://git.postgresql.org/git/postgresql.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

The attached patch changes most of the usages of sprintf() to 

snprintf() in contrib/. I didn't touch the places where pointer
arithmatic was being used, or other areas where the fix wasn't
trivial. I would think that few, if any, of the usages of sprintf()
were actually exploitable, but it's probably better to be paranoid...

Neil Conway
This commit is contained in:
Bruce Momjian 2002-08-15 02:58:29 +00:00
parent 7f4981f4af
commit 66eb8df6a4
15 changed files with 80 additions and 70 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
contrib/dbase/dbf.c
View File

@ -437,7 +437,7 @@ dbf_put_record(dbhead * dbh, field * rec, u_long where)
format: sprintf format-string to get the right precision with real numbers
NOTE: this declaration of 'foo' can cause overflow when the contents-field
is longer the 127 chars (which is highly unlikely, cos it is not used
is longer the 127 chars (which is highly unlikely, because it is not used
in text-fields).
*/
/* REMEMBER THAT THERE'S A 0x1A AT THE END OF THE FILE, SO DON'T
@ -488,11 +488,11 @@ dbf_put_record(dbhead * dbh, field * rec, u_long where)
if ((rec[t].db_type == 'N') && (rec[t].db_dec != 0))
{
fl = atof(rec[t].db_contents);
sprintf(format, "%%.%df", rec[t].db_dec);
sprintf(foo, format, fl);
snprintf(format, 32, "%%.%df", rec[t].db_dec);
snprintf(foo, 128, format, fl);
}
else
strcpy(foo, rec[t].db_contents);
strncpy(foo, rec[t].db_contents, 128);
if (strlen(foo) > rec[t].db_flen)
length = rec[t].db_flen;
else

6
contrib/dbase/dbf2pg.c
View File

@ -308,7 +308,7 @@ do_create(PGconn *conn, char *table, dbhead * dbh)
if (dbh->db_fields[i].db_flen > 1)
{
strcat(query, " varchar");
sprintf(t, "(%d)",
snprintf(t, 20, "(%d)",
dbh->db_fields[i].db_flen);
strcat(query, t);
}
@ -361,7 +361,7 @@ do_inserts(PGconn *conn, char *table, dbhead * dbh)
result;
char *query,
*foo;
char pgdate[10];
char pgdate[11];
if (verbose > 1)
printf("Inserting records\n");
@ -467,7 +467,7 @@ do_inserts(PGconn *conn, char *table, dbhead * dbh)
{
if ((strlen(foo) == 8) && isinteger(foo))
{
sprintf(pgdate, "%c%c%c%c-%c%c-%c%c",
snprintf(pgdate, 11, "%c%c%c%c-%c%c-%c%c",
foo[0], foo[1], foo[2], foo[3],
foo[4], foo[5], foo[6], foo[7]);
strcat(query, pgdate);

4
contrib/findoidjoins/findoidjoins.c
View File

@ -68,14 +68,14 @@ main(int argc, char **argv)
{
unset_result(relres);
if (strcmp(typname, "oid") == 0)
sprintf(query, "\
snprintf(query, 4000, "\
DECLARE c_matches BINARY CURSOR FOR \
SELECT count(*)::int4 \
FROM \"%s\" t1, \"%s\" t2 \
WHERE t1.\"%s\" = t2.oid ",
relname, relname2, attname);
else
sprintf(query, "\
sprintf(query, 4000, "\
DECLARE c_matches BINARY CURSOR FOR \
SELECT count(*)::int4 \
FROM \"%s\" t1, \"%s\" t2 \

4
contrib/lo/lo.c
View File

@ -1,7 +1,7 @@
/*
* PostgreSQL type definitions for managed LargeObjects.
*
* $Header: /cvsroot/pgsql/contrib/lo/lo.c,v 1.11 2001/12/07 04:18:31 inoue Exp $
* $Header: /cvsroot/pgsql/contrib/lo/lo.c,v 1.12 2002/08/15 02:58:29 momjian Exp $
*
*/
@ -92,7 +92,7 @@ lo_out(Blob * addr)
return (NULL);
result = (char *) palloc(32);
sprintf(result, "%u", *addr);
snprintf(result, 32, "%u", *addr);
return (result);
}

12
contrib/mSQL-interface/mpgsql.c
View File

@ -106,7 +106,7 @@ msqlCreateDB(int a, char *b)
{
char tbuf[BUFSIZ];
sprintf(tbuf, "create database %s", b);
snprintf(tbuf, BUFSIZ, "create database %s", b);
return msqlQuery(a, tbuf) >= 0 ? 0 : -1;
}
@ -115,7 +115,7 @@ msqlDropDB(int a, char *b)
{
char tbuf[BUFSIZ];
sprintf(tbuf, "drop database %s", b);
snprintf(tbuf, BUFSIZ, "drop database %s", b);
return msqlQuery(a, tbuf) >= 0 ? 0 : -1;
}
@ -262,7 +262,9 @@ msqlListTables(int a)
m_result *m;
char tbuf[BUFSIZ];
sprintf(tbuf, "select relname from pg_class where relkind='r' and relowner=%d", getuid());
snprintf(tbuf, BUFSIZ,
"select relname from pg_class where relkind='r' and relowner=%d",
getuid());
if (msqlQuery(a, tbuf) > 0)
{
m = msqlStoreResult();
@ -284,7 +286,9 @@ msqlListIndex(int a, char *b, char *c)
m_result *m;
char tbuf[BUFSIZ];
sprintf(tbuf, "select relname from pg_class where relkind='i' and relowner=%d", getuid());
snprintf(tbuf, BUFSIZ,
"select relname from pg_class where relkind='i' and relowner=%d",
getuid());
if (msqlQuery(a, tbuf) > 0)
{
m = msqlStoreResult();

10
contrib/oid2name/oid2name.c
View File

@ -337,7 +337,7 @@ sql_exec_dumpdb(PGconn *conn)
char todo[1024];
/* get the oid and database name from the system pg_database table */
sprintf(todo, "select oid,datname from pg_database");
snprintf(todo, 1024, "select oid,datname from pg_database");
sql_exec(conn, todo, 0);
}
@ -351,9 +351,9 @@ sql_exec_dumptable(PGconn *conn, int systables)
/* don't exclude the systables if this is set */
if (systables == 1)
sprintf(todo, "select relfilenode,relname from pg_class order by relname");
snprintf(todo, 1024, "select relfilenode,relname from pg_class order by relname");
else
sprintf(todo, "select relfilenode,relname from pg_class where relname not like 'pg_%%' order by relname");
snprintf(todo, 1024, "select relfilenode,relname from pg_class where relname not like 'pg_%%' order by relname");
sql_exec(conn, todo, 0);
}
@ -367,7 +367,7 @@ sql_exec_searchtable(PGconn *conn, const char *tablename)
char todo[1024];
/* get the oid and tablename where the name matches tablename */
sprintf(todo, "select relfilenode,relname from pg_class where relname = '%s'", tablename);
snprintf(todo, 1024, "select relfilenode,relname from pg_class where relname = '%s'", tablename);
returnvalue = sql_exec(conn, todo, 1);
@ -386,7 +386,7 @@ sql_exec_searchoid(PGconn *conn, int oid)
int returnvalue;
char todo[1024];
sprintf(todo, "select relfilenode,relname from pg_class where oid = %i", oid);
snprintf(todo, 1024, "select relfilenode,relname from pg_class where oid = %i", oid);
returnvalue = sql_exec(conn, todo, 1);

13
contrib/pg_dumplo/lo_export.c
View File

@ -1,7 +1,7 @@
/* -------------------------------------------------------------------------
* pg_dumplo
*
* $Header: /cvsroot/pgsql/contrib/pg_dumplo/Attic/lo_export.c,v 1.8 2001/10/25 05:49:19 momjian Exp $
* $Header: /cvsroot/pgsql/contrib/pg_dumplo/Attic/lo_export.c,v 1.9 2002/08/15 02:58:29 momjian Exp $
*
* Karel Zak 1999-2000
* -------------------------------------------------------------------------
@ -110,8 +110,9 @@ pglo_export(LODumpMaster * pgLO)
/*
* Query: find the LOs referenced by this column
*/
sprintf(Qbuff, "SELECT DISTINCT l.loid FROM \"%s\" x, pg_largeobject l WHERE x.\"%s\" = l.loid",
ll->lo_table, ll->lo_attr);
snprintf(Qbuff, QUERY_BUFSIZ,
"SELECT DISTINCT l.loid FROM \"%s\" x, pg_largeobject l WHERE x.\"%s\" = l.loid",
ll->lo_table, ll->lo_attr);
/* puts(Qbuff); */
@ -140,7 +141,7 @@ pglo_export(LODumpMaster * pgLO)
if (pgLO->action != ACTION_SHOW)
{
sprintf(path, "%s/%s/%s", pgLO->space, pgLO->db,
snprintf(path, BUFSIZ, "%s/%s/%s", pgLO->space, pgLO->db,
ll->lo_table);
if (mkdir(path, DIR_UMASK) == -1)
@ -152,7 +153,7 @@ pglo_export(LODumpMaster * pgLO)
}
}
sprintf(path, "%s/%s/%s/%s", pgLO->space, pgLO->db,
snprintf(path, BUFSIZ, "%s/%s/%s/%s", pgLO->space, pgLO->db,
ll->lo_table, ll->lo_attr);
if (mkdir(path, DIR_UMASK) == -1)
@ -185,7 +186,7 @@ pglo_export(LODumpMaster * pgLO)
continue;
}
sprintf(path, "%s/%s/%s/%s/%s", pgLO->space,
snprintf(path, BUFSIZ, "%s/%s/%s/%s/%s", pgLO->space,
pgLO->db, ll->lo_table, ll->lo_attr, val);
if (lo_export(pgLO->conn, lo, path) < 0)

7
contrib/pg_dumplo/lo_import.c
View File

@ -1,7 +1,7 @@
/* -------------------------------------------------------------------------
* pg_dumplo
*
* $Header: /cvsroot/pgsql/contrib/pg_dumplo/Attic/lo_import.c,v 1.6 2001/10/25 05:49:19 momjian Exp $
* $Header: /cvsroot/pgsql/contrib/pg_dumplo/Attic/lo_import.c,v 1.7 2002/08/15 02:58:29 momjian Exp $
*
* Karel Zak 1999-2000
* -------------------------------------------------------------------------
@ -48,7 +48,7 @@ pglo_import(LODumpMaster * pgLO)
loa.lo_table = tab;
loa.lo_attr = attr;
sprintf(lo_path, "%s/%s", pgLO->space, path);
snprintf(lo_path, BUFSIZ, "%s/%s", pgLO->space, path);
/*
* Import LO
@ -81,7 +81,8 @@ pglo_import(LODumpMaster * pgLO)
/*
* UPDATE oid in tab
*/
sprintf(Qbuff, "UPDATE \"%s\" SET \"%s\"=%u WHERE \"%s\"=%u",
snprintf(Qbuff, QUERY_BUFSIZ,
"UPDATE \"%s\" SET \"%s\"=%u WHERE \"%s\"=%u",
loa.lo_table, loa.lo_attr, new_oid, loa.lo_attr, loa.lo_oid);
/* fprintf(stderr, Qbuff); */

8
contrib/pg_dumplo/utils.c
View File

@ -1,7 +1,7 @@
/* -------------------------------------------------------------------------
* pg_dumplo
*
* $Header: /cvsroot/pgsql/contrib/pg_dumplo/Attic/utils.c,v 1.4 2001/03/22 03:59:10 momjian Exp $
* $Header: /cvsroot/pgsql/contrib/pg_dumplo/Attic/utils.c,v 1.5 2002/08/15 02:58:29 momjian Exp $
*
* Karel Zak 1999-2000
* -------------------------------------------------------------------------
@ -36,7 +36,7 @@ index_file(LODumpMaster * pgLO)
if (pgLO->action == ACTION_SHOW)
return;
sprintf(path, "%s/%s", pgLO->space, pgLO->db);
snprintf(path, BUFSIZ, "%s/%s", pgLO->space, pgLO->db);
if (pgLO->action == ACTION_EXPORT_ATTR ||
pgLO->action == ACTION_EXPORT_ALL)
@ -51,7 +51,7 @@ index_file(LODumpMaster * pgLO)
}
}
sprintf(path, "%s/lo_dump.index", path);
snprintf(path, BUFSIZ, "%s/lo_dump.index", path);
if ((pgLO->index = fopen(path, "w")) == NULL)
{
@ -63,7 +63,7 @@ index_file(LODumpMaster * pgLO)
else if (pgLO->action != ACTION_NONE)
{
sprintf(path, "%s/lo_dump.index", path);
snprintf(path, BUFSIZ, "%s/lo_dump.index", path);
if ((pgLO->index = fopen(path, "r")) == NULL)
{

4
contrib/pg_resetxlog/pg_resetxlog.c
View File

@ -23,7 +23,7 @@
* Portions Copyright (c) 1996-2002, PostgreSQL Global Development Group
* Portions Copyright (c) 1994, Regents of the University of California
*
* $Header: /cvsroot/pgsql/contrib/pg_resetxlog/Attic/pg_resetxlog.c,v 1.18 2002/06/20 20:29:24 momjian Exp $
* $Header: /cvsroot/pgsql/contrib/pg_resetxlog/Attic/pg_resetxlog.c,v 1.19 2002/08/15 02:58:29 momjian Exp $
*
*-------------------------------------------------------------------------
*/
@ -352,7 +352,7 @@ KillExistingXLOG(void)
if (strlen(xlde->d_name) == 16 &&
strspn(xlde->d_name, "0123456789ABCDEF") == 16)
{
sprintf(path, "%s/%s", XLogDir, xlde->d_name);
snprintf(path, MAXPGPATH, "%s/%s", XLogDir, xlde->d_name);
if (unlink(path) < 0)
{
perror(path);

20
contrib/pgbench/pgbench.c
View File

@ -1,5 +1,5 @@
/*
* $Header: /cvsroot/pgsql/contrib/pgbench/pgbench.c,v 1.17 2002/07/20 03:02:01 ishii Exp $
* $Header: /cvsroot/pgsql/contrib/pgbench/pgbench.c,v 1.18 2002/08/15 02:58:29 momjian Exp $
*
* pgbench: a simple TPC-B like benchmark program for PostgreSQL
* written by Tatsuo Ishii
@ -310,26 +310,26 @@ doOne(CState * state, int n, int debug, int ttype)
gettimeofday(&(st->txn_begin), 0);
break;
case 1:
sprintf(sql, "update accounts set abalance = abalance + %d where aid = %d\n", st->delta, st->aid);
snprintf(sql, 256, "update accounts set abalance = abalance + %d where aid = %d\n", st->delta, st->aid);
break;
case 2:
sprintf(sql, "select abalance from accounts where aid = %d", st->aid);
snprintf(sql, 256, "select abalance from accounts where aid = %d", st->aid);
break;
case 3:
if (ttype == 0)
{
sprintf(sql, "update tellers set tbalance = tbalance + %d where tid = %d\n",
snprintf(sql, 256, "update tellers set tbalance = tbalance + %d where tid = %d\n",
st->delta, st->tid);
break;
}
case 4:
if (ttype == 0)
{
sprintf(sql, "update branches set bbalance = bbalance + %d where bid = %d", st->delta, st->bid);
snprintf(sql, 256, "update branches set bbalance = bbalance + %d where bid = %d", st->delta, st->bid);
break;
}
case 5:
sprintf(sql, "insert into history(tid,bid,aid,delta,mtime) values(%d,%d,%d,%d,'now')",
snprintf(sql, 256, "insert into history(tid,bid,aid,delta,mtime) values(%d,%d,%d,%d,'now')",
st->tid, st->bid, st->aid, st->delta);
break;
case 6:
@ -426,7 +426,7 @@ doSelectOnly(CState * state, int n, int debug)
{
case 0:
st->aid = getrand(1, naccounts * tps);
sprintf(sql, "select abalance from accounts where aid = %d", st->aid);
snprintf(sql, 256, "select abalance from accounts where aid = %d", st->aid);
break;
}
@ -500,7 +500,7 @@ init(void)
for (i = 0; i < nbranches * tps; i++)
{
sprintf(sql, "insert into branches(bid,bbalance) values(%d,0)", i + 1);
snprintf(sql, 256, "insert into branches(bid,bbalance) values(%d,0)", i + 1);
res = PQexec(con, sql);
if (PQresultStatus(res) != PGRES_COMMAND_OK)
{
@ -512,7 +512,7 @@ init(void)
for (i = 0; i < ntellers * tps; i++)
{
sprintf(sql, "insert into tellers(tid,bid,tbalance) values (%d,%d,0)"
snprintf(sql, 256, "insert into tellers(tid,bid,tbalance) values (%d,%d,0)"
,i + 1, i / ntellers + 1);
res = PQexec(con, sql);
if (PQresultStatus(res) != PGRES_COMMAND_OK)
@ -550,7 +550,7 @@ init(void)
PQclear(res);
}
sprintf(sql, "%d\t%d\t%d\t\n", j, j / naccounts, 0);
snprintf(sql, 256, "%d\t%d\t%d\t\n", j, j / naccounts, 0);
if (PQputline(con, sql))
{
fprintf(stderr, "PQputline failed\n");

18
contrib/rserv/rserv.c
View File

@ -102,9 +102,10 @@ _rserv_log_()
if (keynum == ObjectIdAttributeNumber)
{
sprintf(oidbuf, "%u", rel->rd_rel->relhasoids
? HeapTupleGetOid(tuple)
: InvalidOid);
snprintf(oidbuf, "%u", 64,
rel->rd_rel->relhasoids
? HeapTupleGetOid(tuple)
: InvalidOid);
key = oidbuf;
}
else
@ -129,7 +130,7 @@ _rserv_log_()
else
okey = key;
sprintf(sql, "update _RSERV_LOG_ set logid = %d, logtime = now(), "
snprintf(sql, 8192, "update _RSERV_LOG_ set logid = %d, logtime = now(), "
"deleted = %d where reloid = %u and key = '%s'",
GetCurrentTransactionId(), deleted, rel->rd_id, okey);
@ -148,7 +149,7 @@ _rserv_log_()
elog(ERROR, "_rserv_log_: duplicate tuples");
else if (SPI_processed == 0)
{
sprintf(sql, "insert into _RSERV_LOG_ "
snprintf(sql, 8192, "insert into _RSERV_LOG_ "
"(reloid, logid, logtime, deleted, key) "
"values (%u, %d, now(), %d, '%s')",
rel->rd_id, GetCurrentTransactionId(),
@ -173,7 +174,7 @@ _rserv_log_()
else
okey = newkey;
sprintf(sql, "insert into _RSERV_LOG_ "
snprintf(sql, 8192, "insert into _RSERV_LOG_ "
"(reloid, logid, logtime, deleted, key) "
"values (%u, %d, now(), 0, '%s')",
rel->rd_id, GetCurrentTransactionId(), okey);
@ -222,14 +223,15 @@ _rserv_sync_(int32 server)
buf[0] = 0;
for (xcnt = 0; xcnt < SerializableSnapshot->xcnt; xcnt++)
{
sprintf(buf + strlen(buf), "%s%u", (xcnt) ? ", " : "",
snprintf(buf + strlen(buf), 8192 - strlen(buf),
"%s%u", (xcnt) ? ", " : "",
SerializableSnapshot->xip[xcnt]);
}
if ((ret = SPI_connect()) < 0)
elog(ERROR, "_rserv_sync_: SPI_connect returned %d", ret);
sprintf(sql, "insert into _RSERV_SYNC_ "
snprintf(sql, 8192, "insert into _RSERV_SYNC_ "
"(server, syncid, synctime, status, minid, maxid, active) "
"values (%u, currval('_rserv_sync_seq_'), now(), 0, %d, %d, '%s')",
server, SerializableSnapshot->xmin, SerializableSnapshot->xmax, active);

26
contrib/spi/refint.c
View File

@ -112,7 +112,7 @@ check_primary_key(PG_FUNCTION_ARGS)
* Construct ident string as TriggerName $ TriggeredRelationId and try
* to find prepared execution plan.
*/
sprintf(ident, "%s$%u", trigger->tgname, rel->rd_id);
snprintf(ident, 2 * NAMEDATALEN, "%s$%u", trigger->tgname, rel->rd_id);
plan = find_plan(ident, &PPlans, &nPPlans);
/* if there is no plan then allocate argtypes for preparation */
@ -160,10 +160,10 @@ check_primary_key(PG_FUNCTION_ARGS)
* Construct query: SELECT 1 FROM _referenced_relation_ WHERE
* Pkey1 = $1 [AND Pkey2 = $2 [...]]
*/
sprintf(sql, "select 1 from %s where ", relname);
snprintf(sql, 8192, "select 1 from %s where ", relname);
for (i = 0; i < nkeys; i++)
{
sprintf(sql + strlen(sql), "%s = $%d %s",
snprintf(sql + strlen(sql), 8192 - strlen(sql), "%s = $%d %s",
args[i + nkeys + 1], i + 1, (i < nkeys - 1) ? "and " : "");
}
@ -320,7 +320,7 @@ check_foreign_key(PG_FUNCTION_ARGS)
* Construct ident string as TriggerName $ TriggeredRelationId and try
* to find prepared execution plan(s).
*/
sprintf(ident, "%s$%u", trigger->tgname, rel->rd_id);
snprintf(ident, 2 * NAMEDATALEN, "%s$%u", trigger->tgname, rel->rd_id);
plan = find_plan(ident, &FPlans, &nFPlans);
/* if there is no plan(s) then allocate argtypes for preparation */
@ -411,7 +411,7 @@ check_foreign_key(PG_FUNCTION_ARGS)
*/
if (action == 'r')
sprintf(sql, "select 1 from %s where ", relname);
snprintf(sql, 8192, "select 1 from %s where ", relname);
/*---------
* For 'C'ascade action we construct DELETE query
@ -438,7 +438,7 @@ check_foreign_key(PG_FUNCTION_ARGS)
char *nv;
int k;
sprintf(sql, "update %s set ", relname);
snprintf(sql, 8192, "update %s set ", relname);
for (k = 1; k <= nkeys; k++)
{
int is_char_type = 0;
@ -461,7 +461,8 @@ check_foreign_key(PG_FUNCTION_ARGS)
* is_char_type =1 i set ' ' for define a new
* value
*/
sprintf(sql + strlen(sql), " %s = %s%s%s %s ",
snprintf(sql + strlen(sql), 8192 - strlen(sql),
" %s = %s%s%s %s ",
args2[k], (is_char_type > 0) ? "'" : "",
nv, (is_char_type > 0) ? "'" : "", (k < nkeys) ? ", " : "");
is_char_type = 0;
@ -471,7 +472,7 @@ check_foreign_key(PG_FUNCTION_ARGS)
}
else
/* DELETE */
sprintf(sql, "delete from %s where ", relname);
snprintf(sql, 8192, "delete from %s where ", relname);
}
@ -483,10 +484,11 @@ check_foreign_key(PG_FUNCTION_ARGS)
*/
else if (action == 's')
{
sprintf(sql, "update %s set ", relname);
snprintf(sql, 8192, "update %s set ", relname);
for (i = 1; i <= nkeys; i++)
{
sprintf(sql + strlen(sql), "%s = null%s",
snprintf(sql + strlen(sql), 8192 - strlen(sql),
"%s = null%s",
args2[i], (i < nkeys) ? ", " : "");
}
strcat(sql, " where ");
@ -495,7 +497,7 @@ check_foreign_key(PG_FUNCTION_ARGS)
/* Construct WHERE qual */
for (i = 1; i <= nkeys; i++)
{
sprintf(sql + strlen(sql), "%s = $%d %s",
snprintf(sql + strlen(sql), 8192 - strlen(sql), "%s = $%d %s",
args2[i], i, (i < nkeys) ? "and " : "");
}
@ -545,7 +547,7 @@ check_foreign_key(PG_FUNCTION_ARGS)
relname = args[0];
sprintf(ident, "%s$%u", trigger->tgname, rel->rd_id);
snprintf(ident, 2 * NAMEDATALEN, "%s$%u", trigger->tgname, rel->rd_id);
plan = find_plan(ident, &FPlans, &nFPlans);
ret = SPI_execp(plan->splan[r], kvals, NULL, tcount);
/* we have no NULLs - so we pass ^^^^ here */

6
contrib/spi/timetravel.c
View File

@ -250,7 +250,7 @@ timetravel(PG_FUNCTION_ARGS)
* Construct ident string as TriggerName $ TriggeredRelationId and try
* to find prepared execution plan.
*/
sprintf(ident, "%s$%u", trigger->tgname, rel->rd_id);
snprintf(ident, 2 * NAMEDATALEN, "%s$%u", trigger->tgname, rel->rd_id);
plan = find_plan(ident, &Plans, &nPlans);
/* if there is no plan ... */
@ -266,10 +266,10 @@ timetravel(PG_FUNCTION_ARGS)
/*
* Construct query: INSERT INTO _relation_ VALUES ($1, ...)
*/
sprintf(sql, "INSERT INTO %s VALUES (", relname);
snprintf(sql, 8192, "INSERT INTO %s VALUES (", relname);
for (i = 1; i <= natts; i++)
{
sprintf(sql + strlen(sql), "$%d%s",
snprintf(sql + strlen(sql), 8192 - strlen(sql), "$%d%s",
i, (i < natts) ? ", " : ")");
ctypes[i - 1] = SPI_gettypeid(tupdesc, i);
}

4
contrib/vacuumlo/vacuumlo.c
View File

@ -8,7 +8,7 @@
*
*
* IDENTIFICATION
* $Header: /cvsroot/pgsql/contrib/vacuumlo/vacuumlo.c,v 1.12 2002/06/20 20:29:24 momjian Exp $
* $Header: /cvsroot/pgsql/contrib/vacuumlo/vacuumlo.c,v 1.13 2002/08/15 02:58:29 momjian Exp $
*
*-------------------------------------------------------------------------
*/
@ -288,7 +288,7 @@ vacuumlo(char *database, struct _param *param)
* Postgres-ism and not portable to other DBMSs, but then this
* whole program is a Postgres-ism.
*/
sprintf(buf, "DELETE FROM vacuum_l WHERE lo = \"%s\".\"%s\" ",
snprintf(buf, BUFSIZE, "DELETE FROM vacuum_l WHERE lo = \"%s\".\"%s\" ",
table, field);
res2 = PQexec(conn, buf);
if (PQresultStatus(res2) != PGRES_COMMAND_OK)