Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit70d4a93

Browse files
committed
Prevent large allocation in snprintf to hold positional parameters.
Allocated size based on format string.
1 parent3104a92 commit70d4a93

File tree

1 file changed

+38
-15
lines changed

1 file changed

+38
-15
lines changed

‎src/port/snprintf.c

Lines changed: 38 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -32,18 +32,17 @@
3232
* SUCH DAMAGE.
3333
*/
3434

35-
/* might be in either frontend or backend */
35+
#ifndefFRONTEND
36+
#include"postgres.h"
37+
#else
3638
#include"postgres_fe.h"
39+
#endif
3740

3841
#ifndefWIN32
3942
#include<sys/ioctl.h>
4043
#endif
4144
#include<sys/param.h>
4245

43-
#ifndefNL_ARGMAX
44-
#defineNL_ARGMAX 4096
45-
#endif
46-
4746
/*
4847
**SNPRINTF, VSNPRINT -- counted versions of printf
4948
**
@@ -66,7 +65,7 @@
6665
* causing nasty effects.
6766
**************************************************************/
6867

69-
/*static char _id[] = "$PostgreSQL: pgsql/src/port/snprintf.c,v 1.11 2005/03/0203:21:52 momjian Exp $";*/
68+
/*static char _id[] = "$PostgreSQL: pgsql/src/port/snprintf.c,v 1.12 2005/03/0205:22:22 momjian Exp $";*/
7069

7170
intsnprintf(char*str,size_tcount,constchar*fmt,...);
7271
intvsnprintf(char*str,size_tcount,constchar*fmt,va_listargs);
@@ -157,11 +156,9 @@ dopr(char *buffer, const char *format, va_list args, char *end)
157156
intrealpos=0;
158157
intposition;
159158
char*output;
160-
/* In thread mode this structure is too large. */
161-
#ifndefENABLE_THREAD_SAFETY
162-
static
163-
#endif
164-
struct{
159+
intpercents=1;
160+
constchar*p;
161+
structfmtpar {
165162
constchar*fmtbegin;
166163
constchar*fmtend;
167164
void*value;
@@ -179,10 +176,30 @@ dopr(char *buffer, const char *format, va_list args, char *end)
179176
intpointflag;
180177
charfunc;
181178
intrealpos;
182-
}fmtpar[NL_ARGMAX+1],*fmtparptr[NL_ARGMAX+1];
183-
179+
}*fmtpar,**fmtparptr;
184180

181+
/* Create enough structures to hold all arguments */
182+
for (p=format;*p!='\0';p++)
183+
if (*p=='%')/* counts %% as two, so overcounts */
184+
percents++;
185+
#ifndefFRONTEND
186+
fmtpar=pgport_palloc(sizeof(structfmtpar)*percents);
187+
fmtparptr=pgport_palloc(sizeof(structfmtpar*)*percents);
188+
#else
189+
if ((fmtpar=malloc(sizeof(structfmtpar)*percents))==NULL)
190+
{
191+
fprintf(stderr,_("out of memory\n"));
192+
exit(1);
193+
}
194+
if ((fmtparptr=malloc(sizeof(structfmtpar*)*percents))==NULL)
195+
{
196+
fprintf(stderr,_("out of memory\n"));
197+
exit(1);
198+
}
199+
#endif
200+
185201
format_save=format;
202+
186203
output=buffer;
187204
while ((ch=*format++))
188205
{
@@ -418,9 +435,7 @@ dopr(char *buffer, const char *format, va_list args, char *end)
418435
performpr:
419436
/* shuffle pointers */
420437
for(i=1;i<fmtpos;i++)
421-
{
422438
fmtparptr[i]=&fmtpar[fmtpar[i].realpos];
423-
}
424439
output=buffer;
425440
format=format_save;
426441
while ((ch=*format++))
@@ -465,6 +480,14 @@ dopr(char *buffer, const char *format, va_list args, char *end)
465480
;/* semicolon required because a goto has to be attached to a statement */
466481
}
467482
*output='\0';
483+
484+
#ifndefFRONTEND
485+
pgport_pfree(fmtpar);
486+
pgport_pfree(fmtparptr);
487+
#else
488+
free(fmtpar);
489+
free(fmtparptr);
490+
#endif
468491
}
469492

470493
staticvoid

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp