| From: | Thom Brown <thom(at)linux(dot)com> |
|---|---|
| To: | Tomas Vondra <tomas(dot)vondra(at)postgresql(dot)org> |
| Cc: | pgsql-committers(at)lists(dot)postgresql(dot)org |
| Subject: | Re: pgsql: Null-terminate the output buffer of LZ4Stream_gets |
| Date: | 2023-05-17 14:58:21 |
| Message-ID: | CAA-aLv7JmKKjiaestoBJUDQKgM0pKx7NH7VC4spqYrg6+P_tDg@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-committers |
On Wed, 17 May 2023 at 15:38, Tomas Vondra <tomas(dot)vondra(at)postgresql(dot)org> wrote:
>
> Null-terminate the output buffer of LZ4Stream_gets
>
> LZ4Stream_gets did not null-terminate its output buffer. The callers expected
> the buffer to be null-terminated and passed it around to functions such as
> sscanf with unintended consequences.
>
> Author: Georgios Kokolatos <gkokolatos(at)pm(dot)me>
> Reported-by: Alexander Lakhin <exclusion(at)gmail(dot)com>
> Discussion: https://postgr.es/m/94ae9bca-5ebb-1e68-bb7b-4f32e89fefbe@gmail.com
>
> Branch
> ------
> master
>
> Details
> -------
> https://git.postgresql.org/pg/commitdiff/3c18d90f8907e53c3021fca13ad046133c480e4d
>
> Modified Files
> --------------
> src/bin/pg_dump/compress_lz4.c | 12 +++++++++++-
> 1 file changed, 11 insertions(+), 1 deletion(-)
Forgive the noise, but how is ptr[ret - 1] = '\0' not overwriting the
last character?
Thom
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tomas Vondra | 2023-05-17 15:00:59 | pgsql: Advance input pointer when LZ4 compressing data |
| Previous Message | Tomas Vondra | 2023-05-17 14:37:49 | pgsql: Null-terminate the output buffer of LZ4Stream_gets |