Home > mailing lists

[PATCH] Fix out-of-bouds access (src/common/wchar.c) - Mailing list pgsql-hackers

From	Ranier Vilela
Subject	[PATCH] Fix out-of-bouds access (src/common/wchar.c)
Date	February 15, 2022 12:17:34
Msg-id	CAEudQAoxS13snR7+o23300srfQ6hH+utRVYSWfZ8qTmd5SLmEQ@mail.gmail.com Whole thread Raw
Responses	Re: [PATCH] Fix out-of-bouds access (src/common/wchar.c)
List	pgsql-hackers

Tree view

Hi,

Per Coverity.

Like the function pg_encoding_max_length_sql (src/backend/utils/mb/mbutils.c)

Only assertion is insufficient to avoid accessing array out-of-bounds.

This bug is live according Coverity at function: pg_verify_mbstr_len (src/backend/utils/mb/mbutils.c)

CID 1469870 (#1 of 1): Out-of-bounds access (OVERRUN)7. overrun-call: Overrunning callee's array of size 42 by passing argument src_encoding (which evaluates to 63) in call to pg_verify_mbstr_len. [show details]

633 retval = pg_verify_mbstr_len(src_encoding, src_str, len, false);

634

Trivial patch attached.

regards,

Ranier Vilela

Attachment

fix_out_of_bounds_wchar.patch

pgsql-hackers by date:

From: Nitin Jadhav
Date: 15 February 2022, 12:15:26
Subject: Re: Report checkpoint progress with pg_stat_progress_checkpoint (was: Report checkpoint progress in server logs)

From: Dave Page
Date: 15 February 2022, 12:30:28
Subject: Re: Observability in Postgres

[PATCH] Fix out-of-bouds access (src/common/wchar.c) - Mailing list pgsql-hackers

Attachment

Previous

Next