pgsql: Fix CVE-2013-0255 properly.

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: pgsql-committers(at)postgresql(dot)org
Subject: pgsql: Fix CVE-2013-0255 properly.
Date: 2013-02-13 21:20:13
Message-ID: E1U5jkT-0007Un-Qd@gemulon.postgresql.org
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-committers

Fix CVE-2013-0255 properly.

Revert commit ab0f7b6089fd215f6ce6081e2e222c38d643a526 (in HEAD only)
in favor of the proper solution, which is to declare enum_recv() correctly
in the system catalogs. It should be declared to take type "internal"
not "cstring".

Also improve the type_sanity regression test, which should have caught
this typo, so that it actually would. Most of the relevant checks on
the signature of type I/O functions should not have been restricted to
basetypes/pseudotypes, as they should apply to any type's I/O functions.

Branch
------
master

Details
-------
http://git.postgresql.org/pg/commitdiff/71627f3d1964ef9831ea7997d2f4ac5617c718cc

Modified Files
--------------
src/backend/utils/adt/enum.c | 5 -----
src/include/catalog/catversion.h | 2 +-
src/include/catalog/pg_proc.h | 2 +-
src/test/regress/expected/type_sanity.out | 16 ++++++++++------
src/test/regress/sql/type_sanity.sql | 16 ++++++++++------
5 files changed, 22 insertions(+), 19 deletions(-)

Browse pgsql-committers by date

  From Date Subject
Next Message Peter Eisentraut 2013-02-14 04:13:00 pgsql: doc: Add make target to produce EPUB from DocBook
Previous Message Tom Lane 2013-02-13 19:07:56 pgsql: Fix contrib/pg_trgm's similarity() function for trigram-free str