Fix off-by-one in memory allocation for quote_literal_cstr().

The calculation didn't take into account the NULL terminator. That led
to overwriting the palloc'd buffer by one byte, if the input consists
entirely of backslashes. For example "format('%L', E'\\')".

Fixes bug #14468. Backpatch to all supported versions.

Report: https://www.postgresql.org/message-id/20161216105001.13334.42819%40wrigleys.postgresql.org
pull/18/head
Heikki Linnakangas 9 years ago
parent 93513d1b65
commit 4f5182e18d
  1. 2
      src/backend/utils/adt/quote.c

@ -107,7 +107,7 @@ quote_literal_cstr(const char *rawstr)
len = strlen(rawstr); len = strlen(rawstr);
/* We make a worst-case result area; wasting a little space is OK */ /* We make a worst-case result area; wasting a little space is OK */
result = palloc(len * 2 + 3); result = palloc(len * 2 + 3 + 1);
newlen = quote_literal_internal(result, rawstr, len); newlen = quote_literal_internal(result, rawstr, len);
result[newlen] = '\0'; result[newlen] = '\0';
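Review bot: The new size expression `palloc(len * 2 + 3 + 1)` adds a second bare constant, and the comment above it still says only "worst-case result area", so nothing at the allocation site records what the 3 or the 1 is for. Since the next statement writes `result[newlen] = '\0'`, I would extend that comment to say the final `+ 1` reserves the terminator byte, so the arithmetic is not "simplified" back later. The changed-file list shows only quote.c, so it would also be worth adding the commit message's reproducer, `format('%L', E'\\')`, as a regression test, keeping in mind that a one-byte overwrite of a palloc'd chunk may only be reported in builds with memory-context checking enabled.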
