postgresql

mirror of https://git.postgresql.org/git/postgresql.git synced 2024-09-07 20:59:23 +02:00

History

Noah Misch 31400a6733 Predict integer overflow to avoid buffer overruns. Several functions, mostly type input functions, calculated an allocation size such that the calculation wrapped to a small positive value when arguments implied a sufficiently-large requirement. Writes past the end of the inadvertent small allocation followed shortly thereafter. Coverity identified the path_in() vulnerability; code inspection led to the rest. In passing, add check_stack_depth() to prevent stack overflow in related functions. Back-patch to 8.4 (all supported versions). The non-comment hstore changes touch code that did not exist in 8.4, so that part stops at 9.0. Noah Misch and Heikki Linnakangas, reviewed by Tom Lane. Security: CVE-2014-0064		2014-02-17 09:33:31 -05:00
..
bench
data
expected
sql
_int_bool.c	Predict integer overflow to avoid buffer overruns.	2014-02-17 09:33:31 -05:00
_int_gin.c
_int_gist.c
_int_op.c
_int_tool.c
_int.h	Predict integer overflow to avoid buffer overruns.	2014-02-17 09:33:31 -05:00
_intbig_gist.c
.gitignore
intarray--1.0.sql
intarray--unpackaged--1.0.sql
intarray.control
Makefile