Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commitd65a27f

Browse files
committed
Hi,
I was able to crash postgres 6.5.3 when I did an 'alter user' command.After I started a debugger I found the problem in the timezone handlingofdatetime (my Linux box lost its timezone information, that's how theproblem occurred).Only 7 bytes are reserved for the timezone, without checking forboundaries.Attached is a patch that fixes this problem and emits a NOTICE if atimezone is encountered that is longer than MAXTZLEN bytes, like this:Jeroen van Vianen
1 parent469cf43 commitd65a27f

File tree

2 files changed

+24
-6
lines changed

2 files changed

+24
-6
lines changed

‎src/backend/utils/adt/dt.c

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -7,7 +7,7 @@
77
*
88
*
99
* IDENTIFICATION
10-
* $Header: /cvsroot/pgsql/src/backend/utils/adt/Attic/dt.c,v 1.76 1999/07/17 20:17:55 momjian Exp $
10+
* $Header: /cvsroot/pgsql/src/backend/utils/adt/Attic/dt.c,v 1.77 1999/12/09 05:02:24 momjian Exp $
1111
*
1212
*-------------------------------------------------------------------------
1313
*/
@@ -4327,7 +4327,7 @@ EncodeDateTime(struct tm * tm, double fsec, int *tzp, char **tzn, int style, cha
43274327
if ((*tzn!=NULL)&& (tm->tm_isdst >=0))
43284328
{
43294329
strcpy((str+27)," ");
4330-
strcpy((str+28),*tzn);
4330+
strncpy((str+28),*tzn,MAXTZLEN);
43314331
}
43324332
}
43334333
else
@@ -4336,7 +4336,7 @@ EncodeDateTime(struct tm * tm, double fsec, int *tzp, char **tzn, int style, cha
43364336
if ((*tzn!=NULL)&& (tm->tm_isdst >=0))
43374337
{
43384338
strcpy((str+24)," ");
4339-
strcpy((str+25),*tzn);
4339+
strncpy((str+25),*tzn,MAXTZLEN);
43404340
}
43414341
}
43424342

‎src/backend/utils/adt/nabstime.c

Lines changed: 21 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -4,7 +4,7 @@
44
*
55
* Copyright (c) 1994, Regents of the University of California
66
*
7-
* $Id: nabstime.c,v 1.61 1999/07/17 20:17:57 momjian Exp $
7+
* $Id: nabstime.c,v 1.62 1999/12/09 05:02:24 momjian Exp $
88
*
99
*/
1010
#include<ctype.h>
@@ -174,7 +174,16 @@ abstime2tm(AbsoluteTime time, int *tzp, struct tm * tm, char *tzn)
174174
*tzp=-tm->tm_gmtoff;/* tm_gmtoff is Sun/DEC-ism */
175175
/* XXX FreeBSD man pages indicate that this should work - tgl 97/04/23 */
176176
if (tzn!=NULL)
177-
strcpy(tzn,tm->tm_zone);
177+
{
178+
/* Copy no more than MAXTZLEN bytes of timezone to tzn, in case it
179+
contains an error message, which doesn't fit in the buffer */
180+
strncpy(tzn,tm->tm_zone,MAXTZLEN);
181+
if (strlen(tm->tm_zone)>MAXTZLEN)
182+
{
183+
tzn[MAXTZLEN]='\0';
184+
elog(NOTICE,"Invalid timezone \'%s\'",tm->tm_zone);
185+
}
186+
}
178187
#elif defined(HAVE_INT_TIMEZONE)
179188
if (tzp!=NULL)
180189
#ifdef__CYGWIN__
@@ -183,7 +192,16 @@ abstime2tm(AbsoluteTime time, int *tzp, struct tm * tm, char *tzn)
183192
*tzp= (tm->tm_isdst ? (timezone-3600) :timezone);
184193
#endif
185194
if (tzn!=NULL)
186-
strcpy(tzn,tzname[tm->tm_isdst]);
195+
{
196+
/* Copy no more than MAXTZLEN bytes of timezone to tzn, in case it
197+
contains an error message, which doesn't fit in the buffer */
198+
strncpy(tzn,tzname[tm->tm_isdst],MAXTZLEN);
199+
if (strlen(tzname[tm->tm_isdst])>MAXTZLEN)
200+
{
201+
tzn[MAXTZLEN]='\0';
202+
elog(NOTICE,"Invalid timezone \'%s\'",tzname[tm->tm_isdst]);
203+
}
204+
}
187205
#else
188206
#error POSIX time support is broken
189207
#endif

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp