| From: | Ranier Vilela <ranier(dot)vf(at)gmail(dot)com> |
|---|---|
| To: | Pg Hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | [PATCH] Fix out-of-bouds access (src/common/wchar.c) |
| Date: | 2022-02-15 12:17:34 |
| Message-ID: | CAEudQAoxS13snR7+o23300srfQ6hH+utRVYSWfZ8qTmd5SLmEQ@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Hi,
Per Coverity.
Like the function pg_encoding_max_length_sql
(src/backend/utils/mb/mbutils.c)
Only assertion is insufficient to avoid accessing array out-of-bounds.
This bug is live according Coverity at function: pg_verify_mbstr_len
(src/backend/utils/mb/mbutils.c)
CID 1469870 (#1 of 1): Out-of-bounds access (OVERRUN)7. overrun-call:
Overrunning
callee's array of size 42 by passing argument src_encoding (which evaluates
to 63) in call to pg_verify_mbstr_len. [show details
<https://scan6.scan.coverity.com/eventId=32693869-7&modelId=32693869-0&fileInstanceId=131415642&filePath=%2Fdll%2Fpostgres%2Fpostgres%2Fsrc%2Fbackend%2Futils%2Fmb%2Fmbutils.c&fileStart=1546&fileEnd=1605>
]
633 retval = pg_verify_mbstr_len(src_encoding, src_str, len, false);
634
Trivial patch attached.
regards,
Ranier Vilela
| Attachment | Content-Type | Size |
|---|---|---|
| fix_out_of_bounds_wchar.patch | application/octet-stream | 462 bytes |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Dave Page | 2022-02-15 12:30:28 | Re: Observability in Postgres |
| Previous Message | Nitin Jadhav | 2022-02-15 12:15:26 | Re: Report checkpoint progress with pg_stat_progress_checkpoint (was: Report checkpoint progress in server logs) |