diff options
author | Tom Lane <tgl@sss.pgh.pa.us> | 2014-11-04 16:54:59 -0500 |
---|---|---|
committer | Tom Lane <tgl@sss.pgh.pa.us> | 2014-11-04 16:54:59 -0500 |
commit | f44290b7b3763f339ed66f883c0e85bb3c3c4e88 (patch) | |
tree | eadc33f15c3c31df1233eef10302d865f907494e /src/backend/access/transam/xlog.c | |
parent | f88300168b1c5786c4b167de17e1a0bbb252337e (diff) | |
download | postgresql-f44290b7b3763f339ed66f883c0e85bb3c3c4e88.tar.gz postgresql-f44290b7b3763f339ed66f883c0e85bb3c3c4e88.zip |
Avoid integer overflow and buffer overrun in hstore_to_json().
This back-patches commit 0c5783ff301ae3e470000c918bfc2395129de4c5 into the
9.3 branch. At the time, Heikki just thought he was fixing an unlikely
integer-overflow scenario, but in point of fact the original coding was
hopelessly broken: it supposed that escape_json never enlarges the data
more than 2X, which is wrong on its face. The revised code eliminates
making any a-priori assumptions about the output length.
Per report from Saul Costa. The bogus code doesn't exist before 9.3,
so no other branches need fixing.
Diffstat (limited to 'src/backend/access/transam/xlog.c')
0 files changed, 0 insertions, 0 deletions