| From: | Neil Conway <nconway(at)klamath(dot)dyndns(dot)org> |
|---|---|
| To: | Alvaro Herrera <alvherre(at)atentus(dot)com> |
| Cc: | PostgreSQL Patches <pgsql-patches(at)postgresql(dot)org> |
| Subject: | Re: contrib/ buffer paranoia |
| Date: | 2002-08-12 20:44:46 |
| Message-ID: | 87sn1jx0w1.fsf@klamath.dyndns.org |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-patches |
Alvaro Herrera <alvherre(at)atentus(dot)com> writes:
> Neil Conway dijo:
> > Alvaro Herrera <alvherre(at)atentus(dot)com> writes:
> > > I think in dbase/dbf2pg.c the limit of 10 to pgdate should be 11
> > > (snprintf counts the \0 at the end).
> >
> > Yes, but so does the array declaration itself: a char[10] can hold at
> > most 9 characters plus the '\0' terminator. I think the original code
> > is buggy: if the author wants to store 10 characters plus a terminator
> > in the array, it should be declared as a char[11]. Using snprintf() of
> > length 11 with a char[10] would allow for a one-character overrun.
>
> I agree. Maybe it worked out of pure luck (or some alignment magic).
> But while you're at it, you can as well correct the bug.
Ok, a revised patch is attached that fixes the off-by-one bug in
dbase/dbf2pg.c
Thanks for the code review.
Cheers,
Neil
--
Neil Conway <neilconway(at)rogers(dot)com>
PGP Key ID: DB3C29FC
| Attachment | Content-Type | Size |
|---|---|---|
| contrib-fixes-3.patch | text/x-patch | 29.8 KB |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Neil Conway | 2002-08-12 20:52:14 | additional ONLY docs |
| Previous Message | Neil Conway | 2002-08-12 20:41:14 | updated prepareable statements patch |