From: | ITAGAKI Takahiro <itagaki(dot)takahiro(at)oss(dot)ntt(dot)co(dot)jp> |
---|---|
To: | pgsql-patches(at)postgresql(dot)org |
Subject: | contrib/pgbench bugfix |
Date: | 2006-07-31 04:25:54 |
Message-ID: | 20060731132134.5649.ITAGAKI.TAKAHIRO@oss.ntt.co.jp |
Lists: | pgsql-hackers pgsql-patches |

I found a buffer overflow bug in contrib/pgbench.
This occurs when -c >= 2.

The type of 'state' is CState*, so we should use state+1 or &state[1],
not state + sizeof(*state).

*** pgbench.c Mon Jul 31 13:18:45 2006
--- pgbench.fixed.c Mon Jul 31 13:18:10 2006
*************** main(int argc, char **argv)
*** 1344,1350 ****
exit(1);
}
! memset(state + sizeof(*state), 0, sizeof(*state) * (nclients - 1));
for (i = 1; i < nclients; i++)
{
--- 1344,1350 ----
exit(1);
}
! memset(state + 1, 0, sizeof(*state) * (nclients - 1));
for (i = 1; i < nclients; i++)
{
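
Review bot: On the changed memset line, `state + 1` corrects the start address, but the byte count `sizeof(*state) * (nclients - 1)` is only safe if the allocation above this hunk holds nclients elements, and that allocation is not visible here; please confirm the two sizes agree. Writing the destination as `&state[1]`, the other form the message mentions, would make it obvious to later readers that the offset is counted in elements rather than bytes, and it matches the `for (i = 1; i < nclients; i++)` loop that follows.
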
Regards,
---
ITAGAKI Takahiro
NTT Open Source Software Center
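
The pointer-arithmetic mistake described in the message, worked through as an added example that is not part of the original post or of pgbench: it computes the byte range each form of the memset call touches and how much of it falls outside the array. The `CState` layout and the names `memset_span`, `buggy_span` and `fixed_span` are assumptions made for illustration; `nclients` is assumed to be at least 1.

```c
#include <stddef.h>
#include <stdio.h>

/* Hypothetical stand-in: the page does not show pgbench's real CState fields. */
typedef struct { int fd; int phase; long cnt; char vars[64]; } CState;

typedef struct {
    size_t start;    /* first byte written, as an offset from state */
    size_t end;      /* one past the last byte written */
    size_t alloc;    /* bytes in an array of nclients CState elements */
    size_t overrun;  /* bytes written beyond the end of that array */
} WriteSpan;

/* Byte range touched by memset(state + elem_index, 0, sizeof(*state) * (nclients - 1)).
 * Uses integer arithmetic only, so no out-of-bounds pointer is ever formed. */
static WriteSpan memset_span(size_t elem_index, size_t nclients)
{
    WriteSpan w;
    size_t first_bad;

    w.alloc = sizeof(CState) * nclients;
    w.start = elem_index * sizeof(CState);  /* pointer + n advances n elements */
    w.end = w.start + sizeof(CState) * (nclients - 1);
    first_bad = w.start > w.alloc ? w.start : w.alloc;
    w.overrun = w.end > first_bad ? w.end - first_bad : 0;
    return w;
}

/* Original line: state + sizeof(*state) is an offset of sizeof(CState) elements. */
WriteSpan buggy_span(size_t nclients) { return memset_span(sizeof(CState), nclients); }

/* Patched line: state + 1 is an offset of exactly one element. */
WriteSpan fixed_span(size_t nclients) { return memset_span(1, nclients); }

int main(void)
{
    size_t n;
    for (n = 1; n <= 4; n++) {
        WriteSpan b = buggy_span(n), f = fixed_span(n);
        printf("-c %zu: alloc=%zu  buggy=[%zu,%zu) overrun=%zu  fixed=[%zu,%zu) overrun=%zu\n",
               n, b.alloc, b.start, b.end, b.overrun, f.start, f.end, f.overrun);
    }
    return 0;
}
```

With one client the write has zero length, which is why the overflow only shows up from `-c 2` onward.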