database/postgres
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2025-06-11 20:28:21 +03:00
Code Activity

The attached patch changes most of the usages of sprintf() to

Browse Source 
snprintf() in contrib/. I didn't touch the places where pointer
arithmatic was being used, or other areas where the fix wasn't
trivial. I would think that few, if any, of the usages of sprintf()
were actually exploitable, but it's probably better to be paranoid...

Neil Conway
This commit is contained in:
Bruce Momjian
2002-08-15 02:58:29 +00:00
parent 7f4981f4af
commit 66eb8df6a4
15 changed files with 80 additions and 70 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
contrib/mSQL-interface/mpgsql.c
View File

@ -106,7 +106,7 @@ msqlCreateDB(int a, char *b)
{
char tbuf[BUFSIZ];
sprintf(tbuf, "create database %s", b);
snprintf(tbuf, BUFSIZ, "create database %s", b);
return msqlQuery(a, tbuf) >= 0 ? 0 : -1;
}
@ -115,7 +115,7 @@ msqlDropDB(int a, char *b)
{
char tbuf[BUFSIZ];
sprintf(tbuf, "drop database %s", b);
snprintf(tbuf, BUFSIZ, "drop database %s", b);
return msqlQuery(a, tbuf) >= 0 ? 0 : -1;
}
@ -262,7 +262,9 @@ msqlListTables(int a)
m_result *m;
char tbuf[BUFSIZ];
sprintf(tbuf, "select relname from pg_class where relkind='r' and relowner=%d", getuid());
snprintf(tbuf, BUFSIZ,
"select relname from pg_class where relkind='r' and relowner=%d",
getuid());
if (msqlQuery(a, tbuf) > 0)
{
m = msqlStoreResult();
@ -284,7 +286,9 @@ msqlListIndex(int a, char *b, char *c)
m_result *m;
char tbuf[BUFSIZ];
sprintf(tbuf, "select relname from pg_class where relkind='i' and relowner=%d", getuid());
snprintf(tbuf, BUFSIZ,
"select relname from pg_class where relkind='i' and relowner=%d",
getuid());
if (msqlQuery(a, tbuf) > 0)
{
m = msqlStoreResult();