| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | pgsql-committers(at)lists(dot)postgresql(dot)org |
| Subject: | pgsql: Use snprintf not sprintf in pg_waldump's timestamptz_to_str. |
| Date: | 2018-06-16 18:59:01 |
| Message-ID: | E1fUGPd-0001JO-6R@gemulon.postgresql.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-committers |
Use snprintf not sprintf in pg_waldump's timestamptz_to_str.
This could only cause an issue if strftime returned a ridiculously
long timezone name, which seems unlikely; and it wouldn't qualify
as a security problem even then, since pg_waldump (nee pg_xlogdump)
is a debug tool not part of the server. But gcc 8 has started issuing
warnings about it, so let's use snprintf and be safe.
Backpatch to 9.3 where this code was added.
Discussion: https://postgr.es/m/21789.1529170195@sss.pgh.pa.us
Branch
------
REL9_3_STABLE
Details
-------
https://git.postgresql.org/pg/commitdiff/3243cbc085b8cd54cf12c323da3b5c8298ed5d69
Modified Files
--------------
contrib/pg_xlogdump/compat.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2018-06-16 19:34:30 | pgsql: Use -Wno-format-truncation and -Wno-stringop-truncation, if avai |
| Previous Message | Tom Lane | 2018-06-16 18:11:19 | pgsql: Fix some minor error-checking oversights in ParseFuncOrColumn(). |