diff options
| author | Neil Conway <neilc@samurai.com> | 2005-05-26 02:10:03 +0000 |
|---|---|---|
| committer | Neil Conway <neilc@samurai.com> | 2005-05-26 02:10:03 +0000 |
| commit | 92525dd6c944a4c1233f2eaa6eed8e8d2b89669e (patch) | |
| tree | b2d9105c530ac76cabc9ba08adc39de30e0ae69a /src/backend/tcop/postgres.c | |
| parent | 9a1a9865803b5fec8df9dcf74a8ad97c7db5384d (diff) | |
| download | postgresql-92525dd6c944a4c1233f2eaa6eed8e8d2b89669e.tar.gz postgresql-92525dd6c944a4c1233f2eaa6eed8e8d2b89669e.zip | |
Adjust datetime parsing to be more robust. We now pass the length of the
working buffer into ParseDateTime() and reject too-long input there,
rather than checking the length of the input string before calling
ParseDateTime(). The old method was bogus because ParseDateTime() can use
a variable amount of working space, depending on the content of the
input string (e.g. how many fields need to be NUL terminated). This fixes
a minor stack overrun -- I don't _think_ it's exploitable, although I
won't claim to be an expert.
Along the way, fix a bug reported by Mark Dilger: the working buffer
allocated by interval_in() was too short, which resulted in rejecting
some perfectly valid interval input values. I added a regression test for
this fix.
Diffstat (limited to 'src/backend/tcop/postgres.c')
0 files changed, 0 insertions, 0 deletions