| From: | msrbugzilla(at)gmail(dot)com |
|---|---|
| To: | pgsql-bugs(at)postgresql(dot)org |
| Subject: | BUG #6700: Potential Bug in numeric.c |
| Date: | 2012-06-20 05:53:14 |
| Message-ID: | E1ShDqs-0007Wj-My@wrigleys.postgresql.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-bugs |
The following bug has been logged on the website:
Bug reference: 6700
Logged by: Ken Cheung
Email address: msrbugzilla(at)gmail(dot)com
PostgreSQL version: Unsupported/Unknown
Operating system: Linux
Description:
I observed a code clone in the following files. In the function
PGTYPESnumeric_copy, the variable dst is ensured to be not NULL before
passing to zero_var(). However, the function PGTYPESnumeric_from_decimal
does not perform this checking. It will cause an exception when dst is NULL
and passed to zero_var().
function : PGTYPESnumeric_copy @ (file:
"postgresql-9.2beta2/src/interfaces/ecpg/pgtypeslib/numeric.c", line:
1476)~1491
if (dst == NULL)
return -1;
zero_var(dst);
dst->weight = src->weight;
dst->rscale = src->rscale;
dst->dscale = src->dscale;
dst->sign = src->sign;
if (alloc_var(dst, src->ndigits) != 0)
return -1;
for (i = 0; i < src->ndigits; i++)
dst->digits[i] = src->digits[i];
return 0;
function : PGTYPESnumeric_from_decimal @ (file:
"postgresql-9.2beta2/src/interfaces/ecpg/pgtypeslib/numeric.c", line:
1650)~1663
zero_var(dst);
dst->weight = src->weight;
dst->rscale = src->rscale;
dst->dscale = src->dscale;
dst->sign = src->sign;
if (alloc_var(dst, src->ndigits) != 0)
return -1;
for (i = 0; i < src->ndigits; i++)
dst->digits[i] = src->digits[i];
return 0;
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Amit Kapila | 2012-06-20 06:33:47 | Re: BUG #6698: sub-query with join producing out of memory in where clause |
| Previous Message | Craig Ringer | 2012-06-20 04:01:41 | Re: BUG #5823: launchd execution |