Movatterモバイル変換


[0]ホーム

URL:


Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

Sign up
Appearance settings

Commitf86e6ba

Browse files
committed
Add runtime checks for number of query parameters passed to libpq functions.
The maximum number of parameters supported by the FE/BE protocol is 65535,as it's transmitted as a 16-bit unsigned integer. However, the nParamsarguments to libpq functions are all of type 'int'. We can't change thesignature of libpq functions, but a simple bounds check is in order to makeit more clear what's going wrong if you try to pass more than 65535parameters.Per complaint from Jim Vanns.
1 parentc1774d2 commitf86e6ba

File tree

1 file changed

+22
-1
lines changed

1 file changed

+22
-1
lines changed

‎src/interfaces/libpq/fe-exec.c

Lines changed: 22 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1113,6 +1113,7 @@ PQsendQuery(PGconn *conn, const char *query)
11131113
if (!PQsendQueryStart(conn))
11141114
return0;
11151115

1116+
/* check the argument */
11161117
if (!query)
11171118
{
11181119
printfPQExpBuffer(&conn->errorMessage,
@@ -1170,12 +1171,19 @@ PQsendQueryParams(PGconn *conn,
11701171
if (!PQsendQueryStart(conn))
11711172
return0;
11721173

1174+
/* check the arguments */
11731175
if (!command)
11741176
{
11751177
printfPQExpBuffer(&conn->errorMessage,
11761178
libpq_gettext("command string is a null pointer\n"));
11771179
return0;
11781180
}
1181+
if (nParams<0||nParams>65535)
1182+
{
1183+
printfPQExpBuffer(&conn->errorMessage,
1184+
libpq_gettext("number of parameters must be between 0 and 65535\n"));
1185+
return0;
1186+
}
11791187

11801188
returnPQsendQueryGuts(conn,
11811189
command,
@@ -1203,19 +1211,25 @@ PQsendPrepare(PGconn *conn,
12031211
if (!PQsendQueryStart(conn))
12041212
return0;
12051213

1214+
/* check the arguments */
12061215
if (!stmtName)
12071216
{
12081217
printfPQExpBuffer(&conn->errorMessage,
12091218
libpq_gettext("statement name is a null pointer\n"));
12101219
return0;
12111220
}
1212-
12131221
if (!query)
12141222
{
12151223
printfPQExpBuffer(&conn->errorMessage,
12161224
libpq_gettext("command string is a null pointer\n"));
12171225
return0;
12181226
}
1227+
if (nParams<0||nParams>65535)
1228+
{
1229+
printfPQExpBuffer(&conn->errorMessage,
1230+
libpq_gettext("number of parameters must be between 0 and 65535\n"));
1231+
return0;
1232+
}
12191233

12201234
/* This isn't gonna work on a 2.0 server */
12211235
if (PG_PROTOCOL_MAJOR(conn->pversion)<3)
@@ -1298,12 +1312,19 @@ PQsendQueryPrepared(PGconn *conn,
12981312
if (!PQsendQueryStart(conn))
12991313
return0;
13001314

1315+
/* check the arguments */
13011316
if (!stmtName)
13021317
{
13031318
printfPQExpBuffer(&conn->errorMessage,
13041319
libpq_gettext("statement name is a null pointer\n"));
13051320
return0;
13061321
}
1322+
if (nParams<0||nParams>65535)
1323+
{
1324+
printfPQExpBuffer(&conn->errorMessage,
1325+
libpq_gettext("number of parameters must be between 0 and 65535\n"));
1326+
return0;
1327+
}
13071328

13081329
returnPQsendQueryGuts(conn,
13091330
NULL,/* no command to parse */

0 commit comments

Comments
 (0)

[8]ページ先頭

©2009-2025 Movatter.jp