Re: @(#) Mordred Labs advisory 0x0001: Buffer overflow in

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Joe Conway <mail(at)joeconway(dot)com>
Cc: "Nigel J(dot) Andrews" <nandrews(at)investsystems(dot)co(dot)uk>, Tatsuo Ishii <t-ishii(at)sra(dot)co(dot)jp>, Justin Clift <justin(at)postgresql(dot)org>, Christopher Kings-Lynne <chriskl(at)familyhealth(dot)com(dot)au>, Vince Vielhaber <vev(at)michvhf(dot)com>, pgsql-hackers(at)postgresql(dot)org
Subject: Re: @(#) Mordred Labs advisory 0x0001: Buffer overflow in
Date: 2002-08-20 15:45:37
Message-ID: 10798.1029858337@sss.pgh.pa.us
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

Joe Conway <mail(at)joeconway(dot)com> writes:
> Is there ever a reason for a user to call a function with an opaque
> parameter directly? If not, can we simply REVOKE EXECUTE for these
> functions?

Not sure, but that doesn't solve the problem for array_eq and array_dims
in any case.

Good thought though ...

regards, tom lane

In response to

Browse pgsql-hackers by date

  From Date Subject
Next Message Lamar Owen 2002-08-20 15:59:20 Re: @(#) Mordred Labs advisory 0x0001: Buffer overflow in
Previous Message Ross J. Reedstrom 2002-08-20 15:44:20 Re: @(#) Mordred Labs advisory 0x0001: Buffer overflow in