aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorTom Lane <tgl@sss.pgh.pa.us>2014-07-21 22:41:27 -0400
committerTom Lane <tgl@sss.pgh.pa.us>2014-07-21 22:41:27 -0400
commit7672bbca0e7b8f2cbdf8a984e13a891d919fde7b (patch)
tree9145ff482eb90bbc10ea27cc5e688c9d6cb71d99 /src
parentf7ba173cb3548ddccaab68fcaeae3dd5efdcfbf1 (diff)
downloadpostgresql-7672bbca0e7b8f2cbdf8a984e13a891d919fde7b.tar.gz
postgresql-7672bbca0e7b8f2cbdf8a984e13a891d919fde7b.zip
Reject out-of-range numeric timezone specifications.
In commit 631dc390f49909a5c8ebd6002cfb2bcee5415a9d, we started to handle simple numeric timezone offsets via the zic library instead of the old CTimeZone/HasCTZSet kluge. However, we overlooked the fact that the zic code will reject UTC offsets exceeding a week (which seems a bit arbitrary, but not because it's too tight ...). This led to possibly setting session_timezone to NULL, which results in crashes in most timezone-related operations as of 9.4, and crashes in a small number of places even before that. So check for NULL return from pg_tzset_offset() and report an appropriate error message. Per bug #11014 from Duncan Gillis. Back-patch to all supported branches, like the previous patch. (Unfortunately, as of today that no longer includes 8.4.)
Diffstat (limited to 'src')
-rw-r--r--src/backend/commands/variable.c7
-rw-r--r--src/timezone/pgtz.c3
2 files changed, 10 insertions, 0 deletions
diff --git a/src/backend/commands/variable.c b/src/backend/commands/variable.c
index d7820d1cbc4..21be079551e 100644
--- a/src/backend/commands/variable.c
+++ b/src/backend/commands/variable.c
@@ -373,6 +373,13 @@ check_timezone(char **newval, void **extra, GucSource source)
}
}
+ /* Test for failure in pg_tzset_offset, which we assume is out-of-range */
+ if (!myextra.session_timezone)
+ {
+ GUC_check_errdetail("UTC timezone offset is out of range.");
+ return false;
+ }
+
/*
* Prepare the canonical string to return. GUC wants it malloc'd.
*
diff --git a/src/timezone/pgtz.c b/src/timezone/pgtz.c
index 22367eadfb5..ca18184b7b9 100644
--- a/src/timezone/pgtz.c
+++ b/src/timezone/pgtz.c
@@ -296,6 +296,9 @@ pg_tzset(const char *name)
* The GMT offset is specified in seconds, positive values meaning west of
* Greenwich (ie, POSIX not ISO sign convention). However, we use ISO
* sign convention in the displayable abbreviation for the zone.
+ *
+ * Caution: this can fail (return NULL) if the specified offset is outside
+ * the range allowed by the zic library.
*/
pg_tz *
pg_tzset_offset(long gmtoffset)