Quick Links

Re: BUG #1189: unbounded string copy in postmaster

From:	Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To:	"George Gal" <ggal(at)vsecurity(dot)com>
Cc:	pgsql-bugs(at)postgresql(dot)org
Subject:	Re: BUG #1189: unbounded string copy in postmaster
Date:	2004-07-10 23:31:34
Message-ID:	21669.1089502294@sss.pgh.pa.us
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-bugs

"PostgreSQL Bugs List" <pgsql-bugs(at)postgresql(dot)org> writes:
> Looks like the -o command line option doesn't perform any bounds checking on
> the option before copying to the ExtraOptions[1024] char array. [line 529 of
> postmaster.c]

I cannot get super excited about this, since the person or script
starting the postmaster has to be trusted anyway. But I've tweaked
the code to prevent a buffer overrun here.

regards, tom lane

In response to

BUG #1189: unbounded string copy in postmaster at 2004-07-07 17:15:23 from PostgreSQL Bugs List

Browse pgsql-bugs by date

	From	Date	Subject
Next Message	Bruce Momjian	2004-07-11 03:14:25	Re: Dump/Restore of cvs regression database gives invalid timestamp
Previous Message	Tom Lane	2004-07-10 19:31:03	Re: [BUGS] BUG #1118: Misleading Commit message