| From: | Robert Haas <robertmhaas(at)gmail(dot)com> |
|---|---|
| To: | Michael Paquier <michael(dot)paquier(at)gmail(dot)com> |
| Cc: | PostgreSQL mailing lists <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Out-of-bounds write and incorrect detection of trigger file in pg_standby |
| Date: | 2015-01-15 14:47:18 |
| Message-ID: | CA+Tgmoa5H+TWcTouCBUZq8LoZ+fsJaDsLBrVM=Hq-0JbVF-88Q@mail.gmail.com |
| Lists: | pgsql-hackers |
On Wed, Jan 14, 2015 at 9:27 PM, Michael Paquier
<michael(dot)paquier(at)gmail(dot)com> wrote:
> On Thu, Jan 15, 2015 at 7:13 AM, Robert Haas <robertmhaas(at)gmail(dot)com> wrote:
>> Instead of doing this:
>>
>> if (len < sizeof(buf))
>> buf[len] = '\0';
>>
>> ...I would suggest making the size of the buffer one greater than the
>> size of the read(), and then always nul-terminating the buffer. It
>> seems to me that would make the code easier to reason about.
> How about the attached then? This way we still detect the same way any
> invalid values:
> - if ((len = read(fd, buf, sizeof(buf))) < 0)
> + if ((len = read(fd, buf, sizeof(buf) - 1)) < 0)
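Review bot: this hunk only shrinks the read() to sizeof(buf) - 1; the unconditional `buf[len] = '\0';` that replaces the earlier `if (len < sizeof(buf))` guard is not shown, and it must stay after the `len < 0` check, since indexing buf with a negative len would itself be an out-of-bounds write. A one-line comment on the read() saying the last byte is reserved for the terminator would keep a later reader from "fixing" the `- 1` back to `sizeof(buf)`.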
Committed and back-patched all the way.
--
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company
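The pattern agreed in the thread, as an added example that is not pg_standby's code: read one byte less than the buffer holds so the NUL always has a slot, and terminate unconditionally after the error check. The file path, buffer size and sample contents are constructed for the example.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/*
 * Read a trigger file into buf as the committed patch does: read() one byte
 * less than the buffer holds, so the NUL always has a slot and no
 * "len < sizeof(buf)" guard is needed. Returns bytes read (longer contents
 * are truncated) or -1 with errno set on open/read failure.
 */
static ssize_t
read_trigger_file(const char *path, char *buf, size_t bufsz)
{
    int     fd;
    ssize_t len;

    if (bufsz == 0) { errno = EINVAL; return -1; }
    buf[0] = '\0';          /* terminated even when we fail below */
    if ((fd = open(path, O_RDONLY)) < 0)
        return -1;
    len = read(fd, buf, bufsz - 1);     /* leave room for the NUL */
    close(fd);
    if (len < 0)
        return -1;
    /* 0 <= len <= bufsz - 1, so this store is always in bounds. */
    buf[len] = '\0';
    return len;
}

/* Write constructed sample contents to a fresh file under /tmp; 0 on success. */
static int
make_sample_trigger_file(const char *contents, char *path, size_t pathsz)
{
    int fd;
    snprintf(path, pathsz, "/tmp/trigger_example_%ld", (long) getpid());
    unlink(path);           /* ignore leftovers from an earlier run */
    if ((fd = open(path, O_WRONLY | O_CREAT | O_EXCL, 0600)) < 0)
        return -1;
    if (write(fd, contents, strlen(contents)) != (ssize_t) strlen(contents))
    {
        close(fd);
        unlink(path);
        return -1;
    }
    return close(fd);
}
```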