Re: pgsql: ecpg: Fix out-of-bound read in DecodeDateTime()

From: Bruce Momjian <bruce(at)momjian(dot)us>
To: Michael Paquier <michael(at)paquier(dot)xyz>
Cc: pgsql-committers(at)lists(dot)postgresql(dot)org
Subject: Re: pgsql: ecpg: Fix out-of-bound read in DecodeDateTime()
Date: 2024-10-31 14:44:36
Message-ID: ZyOX1OhWgrTHS4G-@momjian.us
Lists: pgsql-committers


Great, thanks for applying this. I was traveling so am only now back to
looking at this.

---------------------------------------------------------------------------

On Tue, Oct 22, 2024 at 11:35:51PM +0000, Michael Paquier wrote:
> ecpg: Fix out-of-bound read in DecodeDateTime()
>
> It was possible for the code to read out-of-bound data from the
> "day_tab" table with some crafted input data. Let's treat these as
> invalid input as the month number is incorrect.
>
> A test is added to test this case with a check on the errno returned by
> the decoding routine. A test close to the new one added in this commit
> was testing for a failure, but did not look at the errno generated, so
> let's use this commit to also change it, adding a check on the errno
> returned by DecodeDateTime().
>
> Like the other test scripts, dt_test should likely be expanded to
> include more checks based on the errnos generated in these code paths.
> This is left as future work.
>
> This issue exists since 2e6f97560a83, so backpatch all the way down.
>
> Reported-by: Pavel Nekrasov
> Author: Bruce Momjian, Pavel Nekrasov
> Discussion: https://postgr.es/m/18614-6bbe00117352309e@postgresql.org
> Backpatch-through: 12
>
> Branch
> ------
> master
>
> Details
> -------
> https://git.postgresql.org/pg/commitdiff/a0bff38d133ac95fb56bbd868a128bba95ec46c9
>
> Modified Files
> --------------
> src/interfaces/ecpg/pgtypeslib/dt_common.c | 6 +-
> .../ecpg/test/expected/pgtypeslib-dt_test.c | 76 +++++++++++++++-------
> .../ecpg/test/expected/pgtypeslib-dt_test.stderr | 42 ++++++------
> .../ecpg/test/expected/pgtypeslib-dt_test.stdout | 3 +-
> src/interfaces/ecpg/test/pgtypeslib/dt_test.pgc | 30 +++++++++
> 5 files changed, 109 insertions(+), 48 deletions(-)
>

--
Bruce Momjian <bruce(at)momjian(dot)us> https://momjian.us
EDB https://enterprisedb.com

When a patient asks the doctor, "Am I going to die?", he means
"Am I going to die soon?"
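
The quoted commit message describes a lookup in a days-per-month table indexed by a month number that was never range-checked, and a test that asserts on the errno of the rejection. The C code below is an added example of that pattern and its fix, not code from the PostgreSQL commit or from the participants in this thread; `days_in_month`, `is_leap`, `check_day_unchecked`, `check_day_checked` and the choice of `EINVAL` are assumptions made for illustration.

```c
#include <errno.h>
#include <stdbool.h>
#include <stdio.h>

#define MONTHS_PER_YEAR 12

/* Constructed table: row 0 = common year, row 1 = leap year. */
static const int days_in_month[2][MONTHS_PER_YEAR] = {
    {31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31},
    {31, 29, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31}
};

static bool is_leap(int year)
{
    return (year % 4 == 0) && (year % 100 != 0 || year % 400 == 0);
}

/* Unchecked form, for contrast: a month outside 1..12 becomes an index
 * outside the row or the table, so the comparison reads unrelated memory. */
static int check_day_unchecked(int year, int mon, int mday)
{
    return (mday >= 1 && mday <= days_in_month[is_leap(year)][mon - 1]) ? 0 : -1;
}

/* Hardened form: reject the month before it is used as an index and set
 * errno so a test can assert on it (EINVAL is this example's assumption). */
static int check_day_checked(int year, int mon, int mday)
{
    if (mon < 1 || mon > MONTHS_PER_YEAR)
    {
        errno = EINVAL;
        return -1;
    }
    if (mday < 1 || mday > days_in_month[is_leap(year)][mon - 1])
    {
        errno = EINVAL;
        return -1;
    }
    return 0;
}

int main(void)
{
    /* Constructed inputs: a valid leap day, then month 13. */
    printf("2024-02-29 -> %d\n", check_day_checked(2024, 2, 29));
    printf("2024-13-01 -> %d\n", check_day_checked(2024, 13, 1));
    return 0;
}
```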
