| From: | "Winter Loo" <winterloo(at)126(dot)com> |
|---|---|
| To: | pgsql-hackers(at)lists(dot)postgresql(dot)org |
| Subject: | may be a buffer overflow problem |
| Date: | 2024-06-14 07:38:16 |
| Message-ID: | 4bf5ab75.6fd4.19015aecf9e.Coremail.winterloo@126.com |
| Lists: | pgsql-hackers |
Hi hackers,
I am using gcc version 11.3.0 to compile postgres source code. Gcc complains about the following line:
```c
strncpy(sqlca->sqlstate, "YE001", sizeof(sqlca->sqlstate));
```
with error as:
```
misc.c:529:17: error: ‘strncpy’ output truncated before terminating nul copying 5 bytes from a string of the same length [-Werror=stringop-truncation]
```
I find the definition of `sqlca->sqlstate` and it has only 5 bytes. When the statement
```c
strncpy(sqlca->sqlstate, "YE001", sizeof(sqlca->sqlstate));
```
gets executed, `sqlca->sqlstate` will have no '\0' byte, which makes me anxious when someone prints that as a string. Indeed, I found the code (in src/interfaces/ecpg/ecpglib/misc.c) does that:
```c
fprintf(debugstream, "[NO_PID]: sqlca: code: %ld, state: %s\n",
sqlca->sqlcode, sqlca->sqlstate);
```
Is there any chance to fix the code?
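The two hazards the post describes (a fixed-width field filled by `strncpy` with no room for a terminator, then passed to `%s`) and the usual defensive handling, as an added example. This is not the poster's code and not PostgreSQL's: `struct demo_sqlca` is a constructed stand-in for the ecpg `sqlca` with a 5-byte `sqlstate`, and the surrounding bytes are filled with a sentinel so that any read past the field would be visible. Rather than passing the field to `%s`, the example bounds the read with a `%.*s` precision, or copies it into a buffer one byte larger and terminates that copy explicitly.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for the ecpg sqlca mentioned in the post (not the
 * real PostgreSQL definition): sqlstate is exactly 5 bytes, so a 5-character
 * SQLSTATE such as "YE001" fills it completely and leaves no room for '\0'. */
struct demo_sqlca {
    long sqlcode;
    char sqlstate[5];
};

/* Same shape as the misc.c call the compiler complains about: the copy is
 * bounded to the field size, so all 5 bytes of "YE001" are written and no
 * terminating NUL is stored. */
void set_state_strncpy(struct demo_sqlca *sqlca, const char *state)
{
    strncpy(sqlca->sqlstate, state, sizeof(sqlca->sqlstate));
}

/* True only if a NUL byte exists inside the field, i.e. "%s" would stop
 * before running off the end of sqlstate. */
bool state_is_terminated(const struct demo_sqlca *sqlca)
{
    return memchr(sqlca->sqlstate, '\0', sizeof(sqlca->sqlstate)) != NULL;
}

/* Safe formatting option 1: a precision of sizeof(sqlstate) caps how many
 * bytes printf may read, so an unterminated field is printed exactly and
 * the debug line never walks into the neighbouring bytes. */
int format_debug_line(const struct demo_sqlca *sqlca, char *out, size_t outlen)
{
    return snprintf(out, outlen, "[NO_PID]: sqlca: code: %ld, state: %.*s\n",
                    sqlca->sqlcode,
                    (int) sizeof(sqlca->sqlstate), sqlca->sqlstate);
}

/* Safe formatting option 2: copy into a caller-owned buffer that is one byte
 * larger than the field and terminate it, so ordinary "%s" is fine on the copy. */
void state_to_cstring(const struct demo_sqlca *sqlca, char out[6])
{
    memcpy(out, sqlca->sqlstate, sizeof(sqlca->sqlstate));
    out[sizeof(sqlca->sqlstate)] = '\0';
}

/* Builds the scenario from the post: fills the struct with a sentinel byte,
 * runs the strncpy, and reports whether a terminator ended up in the field. */
bool demo_strncpy_leaves_terminator(void)
{
    struct demo_sqlca sqlca;
    memset(&sqlca, 'Z', sizeof sqlca);   /* sentinel: visible if overread */
    sqlca.sqlcode = -1;
    set_state_strncpy(&sqlca, "YE001");
    return state_is_terminated(&sqlca);  /* false for a 5-char state */
}

/* Formats the unterminated field with the bounded precision and checks that
 * the output contains exactly "YE001" followed by the newline, nothing more. */
bool demo_bounded_format_is_exact(void)
{
    struct demo_sqlca sqlca;
    char line[64];
    memset(&sqlca, 'Z', sizeof sqlca);
    sqlca.sqlcode = -1;
    set_state_strncpy(&sqlca, "YE001");
    format_debug_line(&sqlca, line, sizeof line);
    return strcmp(line, "[NO_PID]: sqlca: code: -1, state: YE001\n") == 0;
}

/* Checks that the explicit copy yields a proper 5-character C string. */
bool demo_copy_is_exact(void)
{
    struct demo_sqlca sqlca;
    char state[6];
    memset(&sqlca, 'Z', sizeof sqlca);
    sqlca.sqlcode = -1;
    set_state_strncpy(&sqlca, "YE001");
    state_to_cstring(&sqlca, state);
    return strlen(state) == 5 && strcmp(state, "YE001") == 0;
}

int main(void)
{
    printf("terminated after strncpy: %s\n",
           demo_strncpy_leaves_terminator() ? "yes" : "no");
    printf("bounded %%.*s output exact: %s\n",
           demo_bounded_format_is_exact() ? "yes" : "no");
    printf("explicit copy exact:        %s\n",
           demo_copy_is_exact() ? "yes" : "no");
    return 0;
}
```

The `memchr` check is the same test a reviewer can apply by eye to any fixed-width code field: if the declared size equals the longest value ever stored, the field is a byte array, not a string, and every consumer must bound its own read. The `%.*s` form needs no extra storage and is the smaller change to an existing `fprintf`; the explicit copy is preferable where the value is handed to code that only accepts C strings.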