Re: @(#)Mordred Labs advisory 0x0003: Buffer overflow in PostgreSQL (fwd)

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Vince Vielhaber <vev(at)michvhf(dot)com>
Cc: pgsql-hackers(at)postgresql(dot)org
Subject: Re: @(#)Mordred Labs advisory 0x0003: Buffer overflow in PostgreSQL (fwd)
Date: 2002-08-20 20:15:01
Message-ID: 2376.1029874501@sss.pgh.pa.us
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

Vince Vielhaber <vev(at)michvhf(dot)com> writes:
> Where do we check that this:
> result = (text *) palloc(tlen);
> is even successful?

palloc elogs if it can't allocate the space; it's unlike malloc in that
respect. I believe it also has a guard to reject requests > 1Gb, so
I think it's reasonably proof against internal arithmetic overflows.

This problem is strictly repeat's error, not palloc's.

regards, tom lane

In response to

Browse pgsql-hackers by date

  From Date Subject
Next Message Zeugswetter Andreas SB SD 2002-08-20 20:17:28 Re: @(#) Mordred Labs advisory 0x0001: Buffer overflow in
Previous Message Vince Vielhaber 2002-08-20 20:11:26 Re: @(#)Mordred Labs advisory 0x0003: Buffer overflow in