diff options
| author | Tom Lane <tgl@sss.pgh.pa.us> | 2014-10-26 19:17:55 -0400 |
|---|---|---|
| committer | Tom Lane <tgl@sss.pgh.pa.us> | 2014-10-26 19:17:55 -0400 |
| commit | 9711fa06081da230e62fa52147c49ccf7b9ccbe2 (patch) | |
| tree | 53b380eea50edb794d27bc8e555a38fce7ecc811 /src | |
| parent | a4523c5aa5349510ddb74abddc416add2536ec3d (diff) | |
| download | postgresql-9711fa06081da230e62fa52147c49ccf7b9ccbe2.tar.gz postgresql-9711fa06081da230e62fa52147c49ccf7b9ccbe2.zip | |
Fix undersized result buffer in pset_quoted_string().
The malloc request was 1 byte too small for the worst-case output.
This seems relatively unlikely to cause any problems in practice,
as the worst case only occurs if the input string contains no
characters other than single-quote or newline, and even then
malloc alignment padding would probably save the day. But it's
definitely a bug.
David Rowley
Diffstat (limited to 'src')
| -rw-r--r-- | src/bin/psql/command.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/bin/psql/command.c b/src/bin/psql/command.c index cb94ce34bbd..260893523a5 100644 --- a/src/bin/psql/command.c +++ b/src/bin/psql/command.c @@ -2711,7 +2711,7 @@ pset_bool_string(bool val) static char * pset_quoted_string(const char *str) { - char *ret = pg_malloc(strlen(str) * 2 + 2); + char *ret = pg_malloc(strlen(str) * 2 + 3); char *r = ret; *r++ = '\''; |