diff options
| author | Stephen Frost <sfrost@snowman.net> | 2013-07-15 10:42:27 -0400 |
|---|---|---|
| committer | Stephen Frost <sfrost@snowman.net> | 2013-07-15 10:42:27 -0400 |
| commit | 03010366b6fb61aac0998f234478cc745ff97b0c (patch) | |
| tree | 37e9b356f6246760461b2aeb106450141de9b820 | |
| parent | 3355443fb188b86d59ca90912d5456b427c29116 (diff) | |
| download | postgresql-03010366b6fb61aac0998f234478cc745ff97b0c.tar.gz postgresql-03010366b6fb61aac0998f234478cc745ff97b0c.zip | |
Correct off-by-one when reading from pipe
In pg_basebackup.c:reached_end_position(), we're reading from an
internal pipe with our own background process but we're possibly
reading more bytes than will actually fit into our buffer due to
an off-by-one error. As we're reading from an internal pipe
there's no real risk here, but it's good form to not depend on
such convenient arrangements.
Bug spotted by the Coverity scanner.
Back-patch to 9.2 where this showed up.
| -rw-r--r-- | src/bin/pg_basebackup/pg_basebackup.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/bin/pg_basebackup/pg_basebackup.c b/src/bin/pg_basebackup/pg_basebackup.c index 56657a42c40..a1e12a8aaa3 100644 --- a/src/bin/pg_basebackup/pg_basebackup.c +++ b/src/bin/pg_basebackup/pg_basebackup.c @@ -174,7 +174,7 @@ reached_end_position(XLogRecPtr segendpos, uint32 timeline, lo; MemSet(xlogend, 0, sizeof(xlogend)); - r = read(bgpipe[0], xlogend, sizeof(xlogend)); + r = read(bgpipe[0], xlogend, sizeof(xlogend)-1); if (r < 0) { fprintf(stderr, _("%s: could not read from ready pipe: %s\n"), |