Quick Links

[PATCH] Fix buffer not null terminated on (ecpg lib)

From:	Ranier Vilela <ranier(dot)vf(at)gmail(dot)com>
To:	PostgreSQL Hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org>
Subject:	[PATCH] Fix buffer not null terminated on (ecpg lib)
Date:	2020-04-22 22:48:07
Message-ID:	CAEudQApFOzniNRqCMLYDACU6G=TLuGoL_kH6XtJLgqSSdRwrTw@mail.gmail.com
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-hackers

Hi,
strncpy, it is not a safe function and has the risk of corrupting memory.
On ecpg lib, two sources, make use of strncpy risk, this patch tries to fix.

1. Make room for the last null-characte;
2. Copies Maximum number of characters - 1.

per Coverity.

regards,
Ranier Vilela

Attachment	Content-Type	Size
fix_buffer_not_null_terminated.patch	application/octet-stream	2.0 KB

Responses

Re: [PATCH] Fix buffer not null terminated on (ecpg lib) at 2020-04-23 02:27:25 from Kyotaro Horiguchi

Browse pgsql-hackers by date

	From	Date	Subject
Next Message	Ranier Vilela	2020-04-22 22:54:59	[PATCH] FIx explicit null dereference pointer (nbtree.c)
Previous Message	Tom Lane	2020-04-22 22:40:07	Re: More efficient RI checks - take 2