Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commitf0fbd7b

Browse files
committed
Some security, since we now have vsnprintf, I remade an old patch
 with some extra ugly sprintfs fixed. More work in this area is needed still.Göran Thyni
1 parentd8ae7ff commitf0fbd7b

File tree

5 files changed

+15
-18
lines changed

5 files changed

+15
-18
lines changed

‎src/backend/utils/error/elog.c

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -7,7 +7,7 @@
77
*
88
*
99
* IDENTIFICATION
10-
* $Header: /cvsroot/pgsql/src/backend/utils/error/elog.c,v 1.35 1998/09/01 04:33:07 momjian Exp $
10+
* $Header: /cvsroot/pgsql/src/backend/utils/error/elog.c,v 1.36 1999/01/01 04:48:45 momjian Exp $
1111
*
1212
*-------------------------------------------------------------------------
1313
*/
@@ -133,7 +133,7 @@ elog(int lev, const char *fmt,...)
133133
else
134134
*bp++=*cp;
135135
*bp='\0';
136-
vsprintf(line,buf,ap);
136+
vsnprintf(line,ELOG_MAXLEN-1,buf,ap);
137137
va_end(ap);
138138

139139
#ifdefUSE_SYSLOG

‎src/backend/utils/error/format.c

Lines changed: 2 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -7,7 +7,7 @@
77
*
88
*
99
* IDENTIFICATION
10-
* $Header: /cvsroot/pgsql/src/backend/utils/error/Attic/format.c,v 1.7 1998/09/0103:26:40 momjian Exp $
10+
* $Header: /cvsroot/pgsql/src/backend/utils/error/Attic/format.c,v 1.8 1999/01/0104:48:46 momjian Exp $
1111
*
1212
*-------------------------------------------------------------------------
1313
*/
@@ -29,12 +29,8 @@ char *
2929
form(constchar*fmt,...)
3030
{
3131
va_listargs;
32-
3332
va_start(args,fmt);
34-
35-
vsprintf(FormBuf,fmt,args);
36-
33+
vsnprintf(FormBuf,FormMaxSize-1,fmt,args);
3734
va_end(args);
38-
3935
returnFormBuf;
4036
}

‎src/backend/utils/misc/trace.c

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -108,7 +108,7 @@ tprintf(int flag, const char *fmt,...)
108108
#ifdefELOG_TIMESTAMPS
109109
strcpy(line,tprintf_timestamp());
110110
#endif
111-
vsprintf(line+TIMESTAMP_SIZE,fmt,ap);
111+
vsnprintf(line+TIMESTAMP_SIZE,ELOG_MAXLEN,fmt,ap);
112112
va_end(ap);
113113

114114
#ifdefUSE_SYSLOG
@@ -138,7 +138,7 @@ tprintf1(const char *fmt, ... )
138138
#ifdefELOG_TIMESTAMPS
139139
strcpy(line,tprintf_timestamp());
140140
#endif
141-
vsprintf(line+TIMESTAMP_SIZE,fmt,ap);
141+
vsnprintf(line+TIMESTAMP_SIZE,ELOG_MAXLEN,fmt,ap);
142142
va_end(ap);
143143

144144
#ifdefUSE_SYSLOG
@@ -166,7 +166,7 @@ eprintf(const char *fmt,...)
166166
#ifdefELOG_TIMESTAMPS
167167
strcpy(line,tprintf_timestamp());
168168
#endif
169-
vsprintf(line+TIMESTAMP_SIZE,fmt,ap);
169+
vsnprintf(line+TIMESTAMP_SIZE,ELOG_MAXLEN,fmt,ap);
170170
va_end(ap);
171171

172172
#ifdefUSE_SYSLOG
@@ -344,7 +344,7 @@ read_pg_options(SIGNAL_ARGS)
344344
return;
345345
}
346346

347-
sprintf(buffer,"%s/%s",DataDir,"pg_options");
347+
snprintf(buffer,BUF_SIZE-1,"%s/%s",DataDir,"pg_options");
348348
if ((fd=open(buffer,O_RDONLY))<0)
349349
return;
350350

‎src/backend/utils/mmgr/portalmem.c

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -7,7 +7,7 @@
77
*
88
*
99
* IDENTIFICATION
10-
* $Header: /cvsroot/pgsql/src/backend/utils/mmgr/portalmem.c,v 1.14 1998/09/01 04:33:39 momjian Exp $
10+
* $Header: /cvsroot/pgsql/src/backend/utils/mmgr/portalmem.c,v 1.15 1999/01/01 04:48:47 momjian Exp $
1111
*
1212
*-------------------------------------------------------------------------
1313
*/
@@ -129,7 +129,7 @@ do { \
129129
PortalHashEnt *hentry; bool found; char key[MAX_PORTALNAME_LEN]; \
130130
\
131131
MemSet(key, 0, MAX_PORTALNAME_LEN); \
132-
sprintf(key, "%s", NAME); \
132+
snprintf(key, MAX_PORTALNAME_LEN - 1, "%s", NAME); \
133133
hentry = (PortalHashEnt*)hash_search(PortalHashTable, \
134134
key, HASH_FIND, &found); \
135135
if (hentry == NULL) \
@@ -145,7 +145,7 @@ do { \
145145
PortalHashEnt *hentry; bool found; char key[MAX_PORTALNAME_LEN]; \
146146
\
147147
MemSet(key, 0, MAX_PORTALNAME_LEN); \
148-
sprintf(key, "%s", PORTAL->name); \
148+
snprintf(key, MAX_PORTALNAME_LEN - 1, "%s", PORTAL->name); \
149149
hentry = (PortalHashEnt*)hash_search(PortalHashTable, \
150150
key, HASH_ENTER, &found); \
151151
if (hentry == NULL) \
@@ -160,7 +160,7 @@ do { \
160160
PortalHashEnt *hentry; bool found; char key[MAX_PORTALNAME_LEN]; \
161161
\
162162
MemSet(key, 0, MAX_PORTALNAME_LEN); \
163-
sprintf(key, "%s", PORTAL->name); \
163+
snprintf(key, MAX_PORTALNAME_LEN - 1, "%s", PORTAL->name); \
164164
hentry = (PortalHashEnt*)hash_search(PortalHashTable, \
165165
key, HASH_REMOVE, &found); \
166166
if (hentry == NULL) \

‎src/backend/utils/sort/psort.c

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -4,7 +4,7 @@
44
*
55
* Copyright (c) 1994, Regents of the University of California
66
*
7-
* $Id: psort.c,v 1.45 1998/12/14 08:11:14 scrappy Exp $
7+
* $Id: psort.c,v 1.46 1999/01/01 04:48:49 momjian Exp $
88
*
99
* NOTES
1010
*Sorts the first relation into the second relation.
@@ -1019,7 +1019,8 @@ gettape()
10191019

10201020
tp= (structtapelst*)palloc((unsigned)sizeof(structtapelst));
10211021

1022-
sprintf(uniqueName,"%spg_psort.%d.%d",TEMPDIR, (int)MyProcPid,uniqueFileId);
1022+
snprintf(uniqueName,MAXPGPATH-1,"%spg_psort.%d.%d",
1023+
TEMPDIR, (int)MyProcPid,uniqueFileId);
10231024
uniqueFileId++;
10241025

10251026
tapeinit=1;

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp