Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commitfb2aece

Browse files
committed
Replace a few strncmp() calls with strlcpy().
strncmp() is a specialized API unsuited for routine copying intofixed-size buffers. On a system where the length of a single filenamecan exceed MAXPGPATH, the pg_archivecleanup change prevents a simplecrash in the subsequent strlen(). Few filesystems support names thatlong, and calling pg_archivecleanup with untrusted input is still not acredible use case. Therefore, no back-patch.David Rowley
1 parent7fc5f1a commitfb2aece

File tree

2 files changed

+8
-2
lines changed

2 files changed

+8
-2
lines changed

‎contrib/pg_archivecleanup/pg_archivecleanup.c‎

Lines changed: 6 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -108,7 +108,12 @@ CleanupPriorWALFiles(void)
108108
{
109109
while (errno=0, (xlde=readdir(xldir))!=NULL)
110110
{
111-
strncpy(walfile,xlde->d_name,MAXPGPATH);
111+
/*
112+
* Truncation is essentially harmless, because we skip names of
113+
* length other than XLOG_DATA_FNAME_LEN. (In principle, one
114+
* could use a 1000-character additional_ext and get trouble.)
115+
*/
116+
strlcpy(walfile,xlde->d_name,MAXPGPATH);
112117
TrimExtension(walfile,additional_ext);
113118

114119
/*

‎src/backend/access/transam/xlogarchive.c‎

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -459,7 +459,8 @@ KeepFileRestoredFromArchive(char *path, char *xlogfname)
459459
xlogfpath,oldpath)));
460460
}
461461
#else
462-
strncpy(oldpath,xlogfpath,MAXPGPATH);
462+
/* same-size buffers, so this never truncates */
463+
strlcpy(oldpath,xlogfpath,MAXPGPATH);
463464
#endif
464465
if (unlink(oldpath)!=0)
465466
ereport(FATAL,

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp