| From: | Ranier Vilela <ranier(dot)vf(at)gmail(dot)com> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | David Rowley <dgrowleyml(at)gmail(dot)com>, Pg Hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Fix out-of-bounds in the function GetCommandTagName |
| Date: | 2024-05-13 18:02:05 |
| Message-ID: | CAEudQApQXCZ_d=viNawsB-x_5dNiaES1s4w=kWgtOvROBFjH7g@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Em seg., 13 de mai. de 2024 às 14:38, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> escreveu:
> David Rowley <dgrowleyml(at)gmail(dot)com> writes:
> > I've added a CF entry under your name for this:
> > https://commitfest.postgresql.org/48/4927/
>
> > If it was code new to PG17 I'd be inclined to go ahead with it now,
> > but it does not seem to align with making the release mode stable.
> > I'd bet others will feel differently about that. Delaying seems a
> > better default choice at least.
>
> The security team's Coverity instance has started to show this
> complaint now too. So I'm going to go ahead and push this change
> in HEAD. It's probably unwise to change it in stable branches,
> since there's at least a small chance some external code is using
> COMMAND_TAG_NEXTTAG for the same purpose tag_behavior[] does.
> But we aren't anywhere near declaring v17's API stable, so
> I'd rather fix the issue than dismiss it in HEAD.
>
Thanks for the commit, Tom.
best regards,
Ranier Vilela
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Ranier Vilela | 2024-05-13 18:05:32 | Re: Fix resource leak (src/backend/libpq/be-secure-common.c) |
| Previous Message | Antonin Houska | 2024-05-13 17:42:15 | Re: UniqueKey v2 |