Quick Links

Re: @(#)Mordred Labs advisory 0x0003: Buffer overflow in PostgreSQL (fwd)

From:	Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To:	Vince Vielhaber <vev(at)michvhf(dot)com>
Cc:	pgsql-hackers(at)postgresql(dot)org
Subject:	Re: @(#)Mordred Labs advisory 0x0003: Buffer overflow in PostgreSQL (fwd)
Date:	2002-08-20 20:15:01
Message-ID:	2376.1029874501@sss.pgh.pa.us
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-hackers

Vince Vielhaber <vev(at)michvhf(dot)com> writes:
> Where do we check that this:
> result = (text *) palloc(tlen);
> is even successful?

palloc elogs if it can't allocate the space; it's unlike malloc in that
respect. I believe it also has a guard to reject requests > 1Gb, so
I think it's reasonably proof against internal arithmetic overflows.

This problem is strictly repeat's error, not palloc's.

regards, tom lane

In response to

Re: @(#)Mordred Labs advisory 0x0003: Buffer overflow in at 2002-08-20 20:11:26 from Vince Vielhaber

Browse pgsql-hackers by date

	From	Date	Subject
Next Message	Zeugswetter Andreas SB SD	2002-08-20 20:17:28	Re: @(#) Mordred Labs advisory 0x0001: Buffer overflow in
Previous Message	Vince Vielhaber	2002-08-20 20:11:26	Re: @(#)Mordred Labs advisory 0x0003: Buffer overflow in