Home > mailing lists

Re: @(#)Mordred Labs advisory 0x0003: Buffer overflow in PostgreSQL (fwd) - Mailing list pgsql-hackers

From	Neil Conway
Subject	Re: @(#)Mordred Labs advisory 0x0003: Buffer overflow in PostgreSQL (fwd)
Date	August 20, 2002 16:55:16
Msg-id	877kilb69s.fsf@mailbox.samurai.com Whole thread Raw
In response to	Re: @(#)Mordred Labs advisory 0x0003: Buffer overflow in PostgreSQL (fwd) (Tom Lane <tgl@sss.pgh.pa.us>)
Responses	Re: @(#)Mordred Labs advisory 0x0003: Buffer overflow in PostgreSQL Re: @(#)Mordred Labs advisory 0x0003: Buffer overflow in PostgreSQL
List	pgsql-hackers

Tree view

Tom Lane <tgl@sss.pgh.pa.us> writes:
> Neil Conway <neilc@samurai.com> writes:
> > +     /* Check for integer overflow */
> > +     if (tlen / slen != count)
> > +         elog(ERROR, "Requested buffer is too large.");
>
> What about slen == 0?

Good point -- that wouldn't cause incorrect results or a security
problem, but it would reject input that we should really accept.

Revised patch is attached.

Cheers,

Neil

--
Neil Conway <neilc@samurai.com> || PGP Key ID: DB3C29FC

Attachment

repeat_fix-2.patch

pgsql-hackers by date:

From: Bruce Momjian
Date: 20 August 2002, 16:52:16
Subject: Re: @(#)Mordred Labs advisory 0x0003: Buffer overflow in PostgreSQL

From: Tom Lane
Date: 20 August 2002, 16:56:32
Subject: Re: @(#) Mordred Labs advisory 0x0001: Buffer overflow in

Re: @(#)Mordred Labs advisory 0x0003: Buffer overflow in PostgreSQL (fwd) - Mailing list pgsql-hackers

Attachment

Previous

Next