database/postgres
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2025-07-07 00:36:50 +03:00
Code Activity

Don't use ordinary NULL-terminated strings as Name datums.

Browse Source 
Consumers are entitled to read the full 64 bytes pertaining to a Name;
using a shorter NULL-terminated string leads to reading beyond the end
its allocation; a SIGSEGV is possible.  Use the frequent idiom of
copying to a NameData on the stack.  New in 9.3, so no back-patch.
This commit is contained in:
Noah Misch
2013-06-12 19:49:50 -04:00
parent dc3eb56383
commit ff53890f68
2 changed files with 9 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/backend/commands/alter.c
View File

@ -168,6 +168,7 @@ AlterObjectRename_internal(Relation rel, Oid objectId, const char *new_name)
Datum *values;
bool *nulls;
bool *replaces;
NameData nameattrdata;
oldtup = SearchSysCache1(oidCacheId, ObjectIdGetDatum(objectId));
if (!HeapTupleIsValid(oldtup))
@ -273,7 +274,8 @@ AlterObjectRename_internal(Relation rel, Oid objectId, const char *new_name)
values = palloc0(RelationGetNumberOfAttributes(rel) * sizeof(Datum));
nulls = palloc0(RelationGetNumberOfAttributes(rel) * sizeof(bool));
replaces = palloc0(RelationGetNumberOfAttributes(rel) * sizeof(bool));
values[Anum_name - 1] = PointerGetDatum(new_name);
namestrcpy(&nameattrdata, new_name);
values[Anum_name - 1] = NameGetDatum(&nameattrdata);
replaces[Anum_name - 1] = true;
newtup = heap_modify_tuple(oldtup, RelationGetDescr(rel),
values, nulls, replaces);