Commit81dfa2c

committed
backend where a statically sized buffer is written to. Most of these
should be pretty safe in practice, but it's probably better to be safe than sorry. I was actually looking for cases where NAMEDATALEN is assumed to be 32, but only found one. That's fixed too, as well as a few bits of code cleanup. Neil Conway
1 parentf5fea08 commit81dfa2c


13 files changed

+33
-37
lines changed


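--- a/src/backend/executor/execMain.c
+++ b/src/backend/executor/execMain.c
@@ -27,7 +27,7 @@
 *
 *
 * IDENTIFICATION
-* $Header: /cvsroot/pgsql/src/backend/executor/execMain.c,v 1.174 2002/08/15 16:36:02 momjian Exp $
+* $Header: /cvsroot/pgsql/src/backend/executor/execMain.c,v 1.175 2002/08/28 20:46:22 momjian Exp $
 *
 *-------------------------------------------------------------------------
 */
@@ -545,7 +545,7 @@ InitPlan(CmdType operation, Query *parseTree, Plan *plan, EState *estate)
 erm= (execRowMark*)palloc(sizeof(execRowMark));
 erm->relation=relation;
 erm->rti=rti;
-sprintf(erm->resname,"ctid%u",rti);
+snprintf(erm->resname,32,"ctid%u",rti);
 estate->es_rowMark=lappend(estate->es_rowMark,erm);
 }
 }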
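Review bot: The bound in `snprintf(erm->resname,32,"ctid%u",rti);` is a literal 32 rather than the size of the destination, so it silently stops protecting the buffer if the field's declared size (not visible in this hunk) ever changes. If `resname` is an array member of `execRowMark`, `snprintf(erm->resname, sizeof(erm->resname), "ctid%u", rti);` keeps the two in step. The same literal bound appears in planner.c (`palloc(32)` followed by `snprintf(resname,32,...)`), analyze.c (`selectName`), mac.c (`result`) and print.c (`record_str`); where the buffer comes from `palloc`, one named constant used for both the allocation and the bound would do the same job. InitPlan's body starts and ends outside the hunk.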

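--- a/src/backend/optimizer/plan/planner.c
+++ b/src/backend/optimizer/plan/planner.c
@@ -8,7 +8,7 @@
 *
 *
 * IDENTIFICATION
-* $Header: /cvsroot/pgsql/src/backend/optimizer/plan/planner.c,v 1.122 2002/06/20 20:29:31 momjian Exp $
+* $Header: /cvsroot/pgsql/src/backend/optimizer/plan/planner.c,v 1.123 2002/08/28 20:46:23 momjian Exp $
 *
 *-------------------------------------------------------------------------
 */
@@ -961,7 +961,7 @@ grouping_planner(Query *parse, double tuple_fraction)
 TargetEntry*ctid;
 
 resname= (char*)palloc(32);
-sprintf(resname,"ctid%u",rti);
+snprintf(resname,32,"ctid%u",rti);
 resdom=makeResdom(length(tlist)+1,
 TIDOID,
 -1,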

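--- a/src/backend/parser/analyze.c
+++ b/src/backend/parser/analyze.c
@@ -6,7 +6,7 @@
 * Portions Copyright (c) 1996-2002, PostgreSQL Global Development Group
 * Portions Copyright (c) 1994, Regents of the University of California
 *
-*$Header: /cvsroot/pgsql/src/backend/parser/analyze.c,v 1.244 2002/08/27 04:55:07 tgl Exp $
+*$Header: /cvsroot/pgsql/src/backend/parser/analyze.c,v 1.245 2002/08/28 20:46:23 momjian Exp $
 *
 *-------------------------------------------------------------------------
 */
@@ -2157,7 +2157,7 @@ transformSetOperationTree(ParseState *pstate, SelectStmt *stmt)
 /*
 * Make the leaf query be a subquery in the top-level rangetable.
 */
-sprintf(selectName,"*SELECT* %d",length(pstate->p_rtable)+1);
+snprintf(selectName,32,"*SELECT* %d",length(pstate->p_rtable)+1);
 rte=addRangeTableEntryForSubquery(pstate,
 selectQuery,
 makeAlias(selectName,NIL),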

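--- a/src/backend/parser/gram.y
+++ b/src/backend/parser/gram.y
@@ -11,7 +11,7 @@
 *
 *
 * IDENTIFICATION
-* $Header: /cvsroot/pgsql/src/backend/parser/gram.y,v 2.362 2002/08/2814:35:37 momjian Exp $
+* $Header: /cvsroot/pgsql/src/backend/parser/gram.y,v 2.363 2002/08/2820:46:23 momjian Exp $
 *
 * HISTORY
 * AUTHORDATEMAJOR EVENT
@@ -2096,7 +2096,7 @@ TriggerFuncArg:
 ICONST
 {
 char buf[64];
-sprintf (buf,"%d", $1);
+snprintf (buf,sizeof(buf), "%d", $1);
 $$ = makeString(pstrdup(buf));
 }
 |FCONST{$$ = makeString($1); }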

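--- a/src/backend/utils/adt/mac.c
+++ b/src/backend/utils/adt/mac.c
@@ -1,7 +1,7 @@
 /*
 *PostgreSQL type definitions for MAC addresses.
 *
-*$Header: /cvsroot/pgsql/src/backend/utils/adt/mac.c,v 1.24 2002/06/17 07:00:26 momjian Exp $
+*$Header: /cvsroot/pgsql/src/backend/utils/adt/mac.c,v 1.25 2002/08/28 20:46:24 momjian Exp $
 */
 
 #include"postgres.h"
@@ -80,7 +80,7 @@ macaddr_out(PG_FUNCTION_ARGS)
 
 result= (char*)palloc(32);
 
-sprintf(result,"%02x:%02x:%02x:%02x:%02x:%02x",
+snprintf(result,32,"%02x:%02x:%02x:%02x:%02x:%02x",
 addr->a,addr->b,addr->c,addr->d,addr->e,addr->f);
 
 PG_RETURN_CSTRING(result);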

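--- a/src/backend/utils/adt/tid.c
+++ b/src/backend/utils/adt/tid.c
@@ -8,7 +8,7 @@
 *
 *
 * IDENTIFICATION
-* $Header: /cvsroot/pgsql/src/backend/utils/adt/tid.c,v 1.33 2002/08/15 16:36:05 momjian Exp $
+* $Header: /cvsroot/pgsql/src/backend/utils/adt/tid.c,v 1.34 2002/08/28 20:46:24 momjian Exp $
 *
 * NOTES
 * input routine largely stolen from boxin().
@@ -101,7 +101,7 @@ tidout(PG_FUNCTION_ARGS)
 blockNumber=BlockIdGetBlockNumber(blockId);
 offsetNumber=itemPtr->ip_posid;
 
-sprintf(buf,"(%u,%u)",blockNumber,offsetNumber);
+snprintf(buf,sizeof(buf),"(%u,%u)",blockNumber,offsetNumber);
 
 PG_RETURN_CSTRING(pstrdup(buf));
 }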

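--- a/src/backend/utils/adt/varlena.c
+++ b/src/backend/utils/adt/varlena.c
@@ -8,7 +8,7 @@
 *
 *
 * IDENTIFICATION
-* $Header: /cvsroot/pgsql/src/backend/utils/adt/varlena.c,v 1.88 2002/08/22 03:24:00 momjian Exp $
+* $Header: /cvsroot/pgsql/src/backend/utils/adt/varlena.c,v 1.89 2002/08/28 20:46:24 momjian Exp $
 *
 *-------------------------------------------------------------------------
 */
@@ -1787,12 +1787,11 @@ to_hex32(PG_FUNCTION_ARGS)
 {
 staticchardigits[]="0123456789abcdef";
 charbuf[32];/* bigger than needed, but reasonable */
-char*ptr,
-*end;
+char*ptr;
 text*result_text;
 int32value=PG_GETARG_INT32(0);
 
-end=ptr=buf+sizeof(buf)-1;
+ptr=buf+sizeof(buf)-1;
 *ptr='\0';
 
 do
@@ -1814,12 +1813,11 @@ to_hex64(PG_FUNCTION_ARGS)
 {
 staticchardigits[]="0123456789abcdef";
 charbuf[32];/* bigger than needed, but reasonable */
-char*ptr,
-*end;
+char*ptr;
 text*result_text;
 int64value=PG_GETARG_INT64(0);
 
-end=ptr=buf+sizeof(buf)-1;
+ptr=buf+sizeof(buf)-1;
 *ptr='\0';
 
 do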

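--- a/src/bin/pg_dump/pg_backup_tar.c
+++ b/src/bin/pg_dump/pg_backup_tar.c
@@ -16,7 +16,7 @@
 *
 *
 * IDENTIFICATION
-*$Header: /cvsroot/pgsql/src/bin/pg_dump/pg_backup_tar.c,v 1.25 2002/08/20 17:54:44 petere Exp $
+*$Header: /cvsroot/pgsql/src/bin/pg_dump/pg_backup_tar.c,v 1.26 2002/08/28 20:46:24 momjian Exp $
 *
 *-------------------------------------------------------------------------
 */
@@ -1189,12 +1189,10 @@ static void
 _tarWriteHeader(TAR_MEMBER*th)
 {
 charh[512];
-inti;
 intlastSum=0;
 intsum;
 
-for (i=0;i<512;i++)
-h[i]='\0';
+memset(h,0,sizeof(h));
 
 /* Name 100 */
 sprintf(&h[0],"%.99s",th->targetFile);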
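Review bot: The name-field write `sprintf(&h[0],"%.99s",th->targetFile);` on the last line of this hunk is left as `sprintf`, bounded only by the `%.99s` precision in the format string. That fits the 100-byte field, but the limit lives in the format rather than in the call, unlike the call sites this commit converts; `snprintf(&h[0],100,"%.99s",th->targetFile);` would state the field width at the call. A target name longer than 99 bytes is truncated with no report, so the archive member name may no longer match the file, which deserves at least a comment here. The rest of _tarWriteHeader is outside the hunk, so the writes to the remaining header fields could not be checked.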

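--- a/src/bin/pg_dump/pg_backup_tar.h
+++ b/src/bin/pg_dump/pg_backup_tar.h
@@ -1,21 +1,21 @@
 /*
-* $Header: /cvsroot/pgsql/src/bin/pg_dump/pg_backup_tar.h,v 1.3 2001/03/22 04:00:14 momjian Exp $
+* $Header: /cvsroot/pgsql/src/bin/pg_dump/pg_backup_tar.h,v 1.4 2002/08/28 20:46:24 momjian Exp $
 *
 * TAR Header
 *
 * OffsetLength Contents
-* 0 100 bytes File name ('\0' terminated, 99maxmum length)
+* 0 100 bytes File name ('\0' terminated, 99maximum length)
 * 1008 bytes File mode (in octal ascii)
 * 1088 bytes User ID (in octal ascii)
 * 1168 bytes Group ID (in octal ascii)
 * 124 12 bytes File size (s) (in octal ascii)
 * 136 12 bytes Modify time (in octal ascii)
 * 1488 bytes Header checksum (in octal ascii)
 * 1561 bytes Link flag
-* 157 100 bytes Linkname ('\0' terminated, 99maxmum length)
+* 157 100 bytes Linkname ('\0' terminated, 99maximum length)
 * 2578 bytes Magic ("ustar \0")
-* 265 32 bytes User name ('\0' terminated, 31maxmum length)
-* 297 32 bytes Group name ('\0' terminated, 31maxmum length)
+* 265 32 bytes User name ('\0' terminated, 31maximum length)
+* 297 32 bytes Group name ('\0' terminated, 31maximum length)
 * 3298 bytes Major device ID (in octal ascii)
 * 3378 bytes Minor device ID (in octal ascii)
 * 345 167 bytes Padding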

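--- a/src/bin/psql/print.c
+++ b/src/bin/psql/print.c
@@ -3,7 +3,7 @@
 *
 * Copyright 2000 by PostgreSQL Global Development Group
 *
-* $Header: /cvsroot/pgsql/src/bin/psql/print.c,v 1.29 2002/08/27 20:16:48 petere Exp $
+* $Header: /cvsroot/pgsql/src/bin/psql/print.c,v 1.30 2002/08/28 20:46:24 momjian Exp $
 */
 #include"postgres_fe.h"
 #include"print.h"
@@ -494,9 +494,9 @@ print_aligned_vertical(const char *title, const char *const * headers,
 }
 
 if (opt_border==0)
-sprintf(record_str,"* Record %d",record++);
+snprintf(record_str,32,"* Record %d",record++);
 else
-sprintf(record_str,"[ RECORD %d ]",record++);
+snprintf(record_str,32,"[ RECORD %d ]",record++);
 record_str_len=strlen(record_str);
 
 if (record_str_len+opt_border>strlen(divider))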

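--- a/src/interfaces/cli/example2.c
+++ b/src/interfaces/cli/example2.c
@@ -56,7 +56,7 @@ example2(SQLCHAR *server, SQLCHAR *uid, SQLCHAR *authen, SQLCHAR *sqlstr)
 SQLHDBChdbc;
 SQLHSTMThstmt;
 SQLCHARerrmsg[256];
-SQLCHARcolname[32];
+SQLCHARcolname[64];
 SQLSMALLINTcoltype;
 SQLSMALLINTcolnamelen;
 SQLSMALLINTnullable;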
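Review bot: `SQLCHAR colname[64];` replaces one hard-coded identifier length with another, so the example goes stale again the next time the server's name length changes. A comment on the declaration saying what the 64 is tied to, for instance `/* must hold a column name plus terminator; see NAMEDATALEN */`, would make that dependency visible to readers who copy the example. The call that fills `colname` is outside the hunk; if it takes a buffer length, it should be given `sizeof(colname)` rather than a second literal so that a longer name is truncated instead of overrunning the array.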

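--- a/src/pl/plpgsql/src/gram.y
+++ b/src/pl/plpgsql/src/gram.y
@@ -4,7 +4,7 @@
 * procedural language
 *
 * IDENTIFICATION
-* $Header: /cvsroot/pgsql/src/pl/plpgsql/src/gram.y,v 1.34 2002/08/08 01:36:04 tgl Exp $
+* $Header: /cvsroot/pgsql/src/pl/plpgsql/src/gram.y,v 1.35 2002/08/28 20:46:24 momjian Exp $
 *
 * This software is copyrighted by Jan Wieck - Hamburg.
 *
@@ -1594,7 +1594,7 @@ read_sql_construct(int until,
 {
 case T_VARIABLE:
 params[nparams] = yylval.variable->dno;
-sprintf(buf," $%d", ++nparams);
+snprintf(buf,sizeof(buf)," $%d", ++nparams);
 plpgsql_dstring_append(&ds, buf);
 break;
 
@@ -1791,7 +1791,7 @@ make_select_stmt(void)
 {
 case T_VARIABLE:
 params[nparams] = yylval.variable->dno;
-sprintf(buf," $%d", ++nparams);
+snprintf(buf,sizeof(buf)," $%d", ++nparams);
 plpgsql_dstring_append(&ds, buf);
 break;
 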
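Review bot: The store `params[nparams] = yylval.variable->dno;` directly above the converted `snprintf` has no bound check visible in either hunk (read_sql_construct and make_select_stmt). If `params` is a fixed-size local array (its declaration is outside the hunks), a statement that references more variables than the array has slots would write past its end, which is the same class of problem this commit addresses for `buf`. A guard before the store, such as `if (nparams >= (int) (sizeof(params) / sizeof(params[0]))) elog(ERROR, "too many variables specified in SQL statement");`, would close it; the error call should follow whatever convention the file already uses. Both functions start and end outside the hunks shown.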

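--- a/src/pl/plpgsql/src/pl_comp.c
+++ b/src/pl/plpgsql/src/pl_comp.c
@@ -3,7 +3,7 @@
 * procedural language
 *
 * IDENTIFICATION
-* $Header: /cvsroot/pgsql/src/pl/plpgsql/src/pl_comp.c,v 1.47 2002/08/22 00:01:50 tgl Exp $
+* $Header: /cvsroot/pgsql/src/pl/plpgsql/src/pl_comp.c,v 1.48 2002/08/28 20:46:24 momjian Exp $
 *
 * This software is copyrighted by Jan Wieck - Hamburg.
 *
@@ -249,7 +249,7 @@ plpgsql_compile(Oid fn_oid, int functype)
 {
 charbuf[32];
 
-sprintf(buf,"$%d",i+1);/* name for variable */
+snprintf(buf,sizeof(buf),"$%d",i+1);/* name for variable */
 
 /*
 * Get the parameters type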
