forked frompostgres/postgres
- Notifications
You must be signed in to change notification settings - Fork6
Commit9c15a77
committed
Fix misparsing of empty value in conninfo_uri_parse_params().
After finding an "=" character, the pointer was advanced twice when itshould only advance once. This is harmless as long as the value after "="has at least one character; but if it doesn't, we'd miss the terminatorcharacter and include too much in the value.In principle this could lead to reading off the end of memory. It does notseem worth treating as a security issue though, because it would happen onclient side, and besides client logic that's taking conninfo strings fromuntrusted sources has much worse security problems than this.Report and patch received off-list from Thomas Fanghaenel.Back-patch to 9.2 where the faulty code was introduced.1 parent66463a3 commit9c15a77
1 file changed
+2
-3
lines changedLines changed: 2 additions & 3 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
4965 | 4965 | | |
4966 | 4966 | | |
4967 | 4967 | | |
4968 | | - | |
4969 | | - | |
4970 | | - | |
| 4968 | + | |
| 4969 | + | |
4971 | 4970 | | |
4972 | 4971 | | |
4973 | 4972 | | |
| |||
0 commit comments
Comments
(0)