From: | Heikki Linnakangas <heikki(dot)linnakangas(at)iki(dot)fi> |
---|---|
To: | pgsql-committers(at)postgresql(dot)org |
Subject: | pgsql: Avoid integer overflow in hstore_to_json(). |
Date: | 2014-02-21 13:48:29 |
Message-ID: | E1WGqSr-0001Mt-MR@gemulon.postgresql.org |
Views: | Whole Thread | Raw Message | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-committers |
Avoid integer overflow in hstore_to_json().
The length of the output buffer was calculated based on the size of the
argument hstore. On a sizeof(int) == 4 platform and a huge argument, it
could overflow, causing a too small buffer to be allocated.
Refactor the function to use a StringInfo instead of pre-allocating the
buffer. Makes it shorter and more readable, too.
Branch
------
master
Details
-------
http://git.postgresql.org/pg/commitdiff/0c5783ff301ae3e470000c918bfc2395129de4c5
Modified Files
--------------
contrib/hstore/hstore_io.c | 150 ++++++++++++--------------------------------
1 file changed, 41 insertions(+), 109 deletions(-)
From | Date | Subject | |
---|---|---|---|
Next Message | Tom Lane | 2014-02-21 22:11:00 | pgsql: Do ScalarArrayOp estimation correctly when array is a stable exp |
Previous Message | Peter Eisentraut | 2014-02-21 02:46:53 | pgsql: doc: Clarify documentation page header customization code |