From 70794254a1cc8557e4bddafbfdc4ff2567c653ce Mon Sep 17 00:00:00 2001
From: Tom Lane
Date: Sun, 21 May 2006 20:06:18 +0000
Subject: Change the backend to reject strings containing invalidly-encoded multibyte characters in all cases. Formerly we mostly just threw warnings for invalid input, and failed to detect it at all if no encoding conversion was required. The tighter check is needed to defend against SQL-injection attacks as per CVE-2006-2313 (further details will be published after release). Embedded zero (null) bytes will be rejected as well. The checks are applied during input to the backend (receipt from client or COPY IN), so it no longer seems necessary to check in textin() and related routines; any string arriving at those functions will already have been validated. Conversion failure reporting (for characters with no equivalent in the destination encoding) has been cleaned up and made consistent while at it. Also, fix a few longstanding errors in little-used encoding conversion routines: win1251_to_iso, win866_to_iso, euc_tw_to_big5, euc_tw_to_mic, mic_to_euc_tw were all broken to varying extents. Patches by Tatsuo Ishii and Tom Lane. Thanks to Akio Ishida and Yasuo Ohgaki for identifying the security issues.
---
 src/backend/utils/adt/varchar.c | 8 +-------
 1 file changed, 1 insertion(+), 7 deletions(-)
(limited to 'src/backend/utils/adt/varchar.c')
diff --git a/src/backend/utils/adt/varchar.c b/src/backend/utils/adt/varchar.c
index 40e771ffab5..19b2de618a5 100644
--- a/src/backend/utils/adt/varchar.c
+++ b/src/backend/utils/adt/varchar.c
@@ -8,7 +8,7 @@
 *
 *
 * IDENTIFICATION
- * $PostgreSQL: pgsql/src/backend/utils/adt/varchar.c,v 1.108.4.1 2005/12/22 22:50:14 tgl Exp $
+ * $PostgreSQL: pgsql/src/backend/utils/adt/varchar.c,v 1.108.4.2 2006/05/21 20:06:16 tgl Exp $
 *
 *-------------------------------------------------------------------------
 */
@@ -75,10 +75,7 @@ bpcharin(PG_FUNCTION_ARGS) int i; int charlen; /* number of charcters in the input string */ - /* verify encoding */ len = strlen(s); - pg_verifymbstr(s, len, false); - charlen = pg_mbstrlen(s); /* If typmod is -1 (or invalid), use the actual string length */ @@ -364,10 +361,7 @@ varcharin(PG_FUNCTION_ARGS) size_t len, maxlen; - /* verify encoding */ len = strlen(s); - pg_verifymbstr(s, len, false); - maxlen = atttypmod - VARHDRSZ; if (atttypmod >= (int32) VARHDRSZ && len > maxlen) -- cgit v1.2.3
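Review bot: With the `pg_verifymbstr(s, len, false)` call gone, `bpcharin` (and `varcharin` in the following hunk) rely on `s` having been validated before it arrives, yet nothing at the remaining `len = strlen(s);` line records that precondition. In `bpcharin` the string now goes straight to `pg_mbstrlen(s)`, whose count depends on well-formed multibyte sequences, so any caller that reaches these input functions without passing the backend-input check described in the commit message (client receipt or COPY IN) would presumably be processed on unverified bytes. I would replace the deleted `/* verify encoding */` comment in both functions with one that states the invariant, e.g. `/* s is assumed validly encoded: verified on input to the backend, not here */`, so a later reader does not take the missing check for an oversight or add a new call path that skips it. Both function bodies continue outside the hunks, so the rest of each length computation is not visible here.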