From: | Vince Vielhaber <vev(at)michvhf(dot)com> |
---|---|
To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
Cc: | Justin Clift <justin(at)postgresql(dot)org>, Christopher Kings-Lynne <chriskl(at)familyhealth(dot)com(dot)au>, <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: @(#) Mordred Labs advisory 0x0001: Buffer overflow in |
Date: | 2002-08-20 11:36:29 |
Message-ID: | Pine.BSF.4.40.0208200734150.13805-100000@paprika.michvhf.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
On Mon, 19 Aug 2002, Tom Lane wrote:
> Justin Clift <justin(at)postgresql(dot)org> writes:
> > From the info still around, this looks to mean that the cash_words()
> > problem was fixed, but the cash_out() problem was harder to fix.
>
> > Tom/Bruce, is that correct?
>
> The cash_out problem can't really be fixed until we do something about
> subdividing type "opaque" into multiple pseudo-types with more carefully
> defined meanings. cash_out is declared cash_out(opaque) which does not
> really mean that it accepts any input type ... but one of the several
> meanings of "opaque" is "accepts any type", so the parser doesn't reject
> cash_out(2).
>
> I'd like to see something done about this fairly soon, but it's not
> happening for 7.3 ...
Can we trap and just return an error before it goes into the weeds and
put the subdividing opaque fix in later?
Vince.
--
==========================================================================
Vince Vielhaber -- KA8CSH email: vev(at)michvhf(dot)com http://www.pop4.net
56K Nationwide Dialup from $16.00/mo at Pop4 Networking
http://www.camping-usa.com http://www.cloudninegifts.com
http://www.meanstreamradio.com http://www.unknown-artists.com
==========================================================================
From | Date | Subject | |
---|---|---|---|
Next Message | Nigel J. Andrews | 2002-08-20 11:59:22 | Re: @(#) Mordred Labs advisory 0x0001: Buffer overflow in |
Previous Message | Curt Sampson | 2002-08-20 11:29:11 | Re: [SECURITY] DoS attack on backend possible |