Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commita9f0dbc

Browse files
committed
Fix PQsetvalue() to avoid possible crash when adding a new tuple.
PQsetvalue unnecessarily duplicated the logic in pqAddTuple, and didn'tduplicate it exactly either --- pqAddTuple does not care what is in thetuple-pointer array positions beyond the last valid entry, whereas thecode in PQsetvalue assumed such positions would contain NULL. This ledto possible crashes if PQsetvalue was applied to a PGresult that hadpreviously been enlarged with pqAddTuple, for instance one built from aserver query. Fix by relying on pqAddTuple instead of duplicating logic,and not assuming anything about the contents of res->tuples[res->ntups].Back-patch to 8.4, where PQsetvalue was introduced.Andrew Chernow
1 parent0ce7676 commita9f0dbc

File tree

1 file changed

+4
-23
lines changed

1 file changed

+4
-23
lines changed

‎src/interfaces/libpq/fe-exec.c

Lines changed: 4 additions & 23 deletions
Original file line numberDiff line numberDiff line change
@@ -424,28 +424,8 @@ PQsetvalue(PGresult *res, int tup_num, int field_num, char *value, int len)
424424
if (tup_num<0||tup_num>res->ntups)
425425
return FALSE;
426426

427-
/* need to grow the tuple table? */
428-
if (res->ntups >=res->tupArrSize)
429-
{
430-
intn=res->tupArrSize ?res->tupArrSize*2 :128;
431-
PGresAttValue**tups;
432-
433-
if (res->tuples)
434-
tups= (PGresAttValue**)realloc(res->tuples,n*sizeof(PGresAttValue*));
435-
else
436-
tups= (PGresAttValue**)malloc(n*sizeof(PGresAttValue*));
437-
438-
if (!tups)
439-
return FALSE;
440-
441-
memset(tups+res->tupArrSize,0,
442-
(n-res->tupArrSize)*sizeof(PGresAttValue*));
443-
res->tuples=tups;
444-
res->tupArrSize=n;
445-
}
446-
447427
/* need to allocate a new tuple? */
448-
if (tup_num==res->ntups&& !res->tuples[tup_num])
428+
if (tup_num==res->ntups)
449429
{
450430
PGresAttValue*tup;
451431
inti;
@@ -464,8 +444,9 @@ PQsetvalue(PGresult *res, int tup_num, int field_num, char *value, int len)
464444
tup[i].value=res->null_field;
465445
}
466446

467-
res->tuples[tup_num]=tup;
468-
res->ntups++;
447+
/* add it to the array */
448+
if (!pqAddTuple(res,tup))
449+
return FALSE;
469450
}
470451

471452
attval=&res->tuples[tup_num][field_num];

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp