diff options
| author | Neil Conway <neilc@samurai.com> | 2005-05-26 02:14:32 +0000 |
|---|---|---|
| committer | Neil Conway <neilc@samurai.com> | 2005-05-26 02:14:32 +0000 |
| commit | ab82f60119077b2f6277da8ad4badd1a91980cb5 (patch) | |
| tree | fd02d83dd7ef9c5ccd9039a59bf845f691074a99 /src/backend/access/gist/gistget.c | |
| parent | d1d5c0fe2e7d00024524f752911b2e5ab63516eb (diff) | |
| download | postgresql-ab82f60119077b2f6277da8ad4badd1a91980cb5.tar.gz postgresql-ab82f60119077b2f6277da8ad4badd1a91980cb5.zip | |
Adjust datetime parsing to be more robust. We now pass the length of the
working buffer into ParseDateTime() and reject too-long input there,
rather than checking the length of the input string before calling
ParseDateTime(). The old method was bogus because ParseDateTime() can use
a variable amount of working space, depending on the content of the
input string (e.g. how many fields need to be NUL terminated). This fixes
a minor stack overrun -- I don't _think_ it's exploitable, although I
won't claim to be an expert.
Along the way, fix a bug reported by Mark Dilger: the working buffer
allocated by interval_in() was too short, which resulted in rejecting
some perfectly valid interval input values. I added a regression test for
this fix.
Diffstat (limited to 'src/backend/access/gist/gistget.c')
0 files changed, 0 insertions, 0 deletions