postgresql/src/backend
Peter Eisentraut 9a46324fd4 Fix several one-byte buffer over-reads in to_number

Several places in NUM_numpart_from_char(), which is called from the SQL
function to_number(text, text), could accidentally read one byte past
the end of the input buffer (which comes from the input text datum and
is not null-terminated).

1. One leading space character would be skipped, but there was no check
   that the input was at least one byte long.  This does not happen in
   practice, but for defensiveness, add a check anyway.

2. Commit 4a3a1e2cf apparently accidentally doubled that code that skips
   one space character (so that two spaces might be skipped), but there
   was no overflow check before skipping the second byte.  Fix by
   removing that duplicate code.

3. A logic error would allow a one-byte over-read when looking for a
   trailing sign (S) placeholder.

In each case, the extra byte cannot be read out directly, but looking at
it might cause a crash.

The third item was discovered by Piotr Stefaniak; the first two were
found and analyzed by Tom Lane and Peter Eisentraut.
2016-08-08 11:12:59 -04:00
access In B-tree page deletion, clean up properly after page deletion failure. 2016-08-06 14:28:37 -04:00
bootstrap
catalog Correct column name in information schema 2016-08-07 21:56:13 -04:00
commands Fix misestimation of n_distinct for a nearly-unique column with many nulls. 2016-08-07 18:52:02 -04:00
executor Fix two errors with nested CASE/WHEN constructs. 2016-08-08 10:33:46 -04:00
foreign Remove GetUserMappingId() and GetUserMappingById(). 2016-07-22 11:32:23 -04:00
lib
libpq Don't CHECK_FOR_INTERRUPTS between WaitLatch and ResetLatch. 2016-08-01 15:13:53 -04:00
main
nodes Teach parser to transform "x IS [NOT] DISTINCT FROM NULL" to a NullTest. 2016-07-28 17:23:13 -04:00
optimizer Fix two errors with nested CASE/WHEN constructs. 2016-08-08 10:33:46 -04:00
parser Make INSERT-from-multiple-VALUES-rows handle targetlist indirection better. 2016-08-03 16:37:03 -04:00
po Translation updates 2016-08-08 11:08:00 -04:00
port
postmaster Fix bogus coding in WaitForBackgroundWorkerShutdown(). 2016-08-04 16:06:14 -04:00
regex
replication Don't propagate a null subtransaction snapshot up to parent transaction. 2016-08-07 13:15:55 -04:00
rewrite
snowball
storage Don't CHECK_FOR_INTERRUPTS between WaitLatch and ResetLatch. 2016-08-01 15:13:53 -04:00
tcop Fix TOAST access failure in RETURNING queries. 2016-08-07 17:46:08 -04:00
tsearch Fix misestimation of n_distinct for a nearly-unique column with many nulls. 2016-08-07 18:52:02 -04:00
utils Fix several one-byte buffer over-reads in to_number 2016-08-08 11:12:59 -04:00
.gitignore
common.mk
Makefile
nls.mk