Quick Links

Re: Returning non-terminated string in ECPG Informix-compatible function

From:	Michael Paquier <michael(at)paquier(dot)xyz>
To:	Oleg Tselebrovskiy <o(dot)tselebrovskiy(at)postgrespro(dot)ru>
Cc:	Ashutosh Bapat <ashutosh(dot)bapat(dot)oss(at)gmail(dot)com>, pgsql-hackers(at)postgresql(dot)org
Subject:	Re: Returning non-terminated string in ECPG Informix-compatible function
Date:	2024-02-19 03:20:12
Message-ID:	ZdLI7H56K7s4IR23@paquier.xyz
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-hackers

On Thu, Feb 15, 2024 at 05:17:17PM +0700, Oleg Tselebrovskiy wrote:
> Thanks for review!

dt_common.c is quite amazing, the APIs that we have in it rely on
strcpy() but we have no idea of the length of the buffer string given
in input to store the result. This would require breaking the
existing APIs or inventing new ones to be able to plug some safer
strlcpy() calls. Not sure if it's really worth bothering. For now,
I've applied the OOM checks on HEAD and the fix with the null
termination on all stable branches.
--
Michael

In response to

Re: Returning non-terminated string in ECPG Informix-compatible function at 2024-02-15 10:17:17 from Oleg Tselebrovskiy

Browse pgsql-hackers by date

	From	Date	Subject
Next Message	Michael Paquier	2024-02-19 03:36:52	Re: Speeding up COPY TO for uuids and arrays
Previous Message	Kyotaro Horiguchi	2024-02-19 03:02:41	Re: Do away with zero-padding assumption before WALRead()