database/postgres
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2025-06-27 23:21:58 +03:00
Code Activity
Files
98be8a6eaa9fe917f6be9e121187b912e19ab484
postgres/src/backend/utils/adt
History
Noah Misch 98be8a6eaa Predict integer overflow to avoid buffer overruns. 
Several functions, mostly type input functions, calculated an allocation
size such that the calculation wrapped to a small positive value when
arguments implied a sufficiently-large requirement.  Writes past the end
of the inadvertent small allocation followed shortly thereafter.
Coverity identified the path_in() vulnerability; code inspection led to
the rest.  In passing, add check_stack_depth() to prevent stack overflow
in related functions.

Back-patch to 8.4 (all supported versions).  The non-comment hstore
changes touch code that did not exist in 8.4, so that part stops at 9.0.

Noah Misch and Heikki Linnakangas, reviewed by Tom Lane.

Security: CVE-2014-0064
2014-02-17 09:33:39 -05:00
..
acl.c
Shore up ADMIN OPTION restrictions.
2014-02-17 09:33:38 -05:00
array_userfuncs.c
Fix array- and path-creating functions to ensure padding bytes are zeroes.
2011-04-27 13:58:49 -04:00
arrayfuncs.c
Fix array- and path-creating functions to ensure padding bytes are zeroes.
2011-04-27 13:58:49 -04:00
arrayutils.c
Update copyright for 2009.
2009-01-01 17:24:05 +00:00
ascii.c
Update copyright for 2009.
2009-01-01 17:24:05 +00:00
bool.c
8.4 pgindent run, with new combined Linux/FreeBSD/MinGW typedef list
2009-06-11 14:49:15 +00:00
cash.c
Fix assorted bogosities in cash_in() and cash_out().
2011-10-29 14:31:07 -04:00
char.c
Update copyright for 2009.
2009-01-01 17:24:05 +00:00
date.c
Expand the allowed range of timezone offsets to +/-15:59:59 from Greenwich.
2012-05-30 19:58:54 -04:00
datetime.c
Fix some odd behaviors when using a SQL-style simple GMT offset timezone.
2013-11-01 12:13:38 -04:00
datum.c
Update copyright for 2009.
2009-01-01 17:24:05 +00:00
dbsize.c
Rewrite pg_size_pretty() to avoid compiler bug.
2011-04-29 01:45:13 -04:00
domains.c
Update copyright for 2009.
2009-01-01 17:24:05 +00:00
encode.c
Remove duplicate variable initializations identified by clang static checker.
2009-08-30 16:53:37 +00:00
enum.c
Prevent execution of enum_recv() from SQL.
2013-02-04 16:25:25 -05:00
float.c
Make sure float4in/float8in accept all standard spellings of "infinity".
2013-08-03 12:40:55 -04:00
format_type.c
Update copyright for 2009.
2009-01-01 17:24:05 +00:00
formatting.c
Fix to_char() to use ASCII-only case-folding rules where appropriate.
2013-03-05 13:02:46 -05:00
genfile.c
Update copyright for 2009.
2009-01-01 17:24:05 +00:00
geo_ops.c
Predict integer overflow to avoid buffer overruns.
2014-02-17 09:33:39 -05:00
geo_selfuncs.c
Update copyright for 2009.
2009-01-01 17:24:05 +00:00
inet_net_ntop.c
Fix another passel of include-file breakage. Kris Jurka, Tom Lane
2006-07-14 16:59:19 +00:00
inet_net_pton.c
Fix another passel of include-file breakage. Kris Jurka, Tom Lane
2006-07-14 16:59:19 +00:00
int8.c
Improve handling of INT_MIN / -1 and related cases.
2012-11-19 21:21:54 -05:00
int.c
Improve handling of INT_MIN / -1 and related cases.
2012-11-19 21:21:54 -05:00
like_match.c
Rewrite LIKE's %-followed-by-_ optimization so it really works (this time
2010-05-28 17:35:30 +00:00
like.c
Update copyright for 2009.
2009-01-01 17:24:05 +00:00
lockfuncs.c
Update copyright for 2009.
2009-01-01 17:24:05 +00:00
mac.c
Downgrade implicit casts to text to be assignment-only, except for the ones
2007-06-05 21:31:09 +00:00
Makefile
Support window functions a la SQL:2008.
2008-12-28 18:54:01 +00:00
misc.c
8.4 pgindent run, with new combined Linux/FreeBSD/MinGW typedef list
2009-06-11 14:49:15 +00:00
nabstime.c
8.4 pgindent run, with new combined Linux/FreeBSD/MinGW typedef list
2009-06-11 14:49:15 +00:00
name.c
Fix string truncation to be multibyte-aware in text_name and bpchar_name.
2012-05-25 17:35:14 -04:00
network.c
Revert the behavior of inet/cidr functions to not unpack the arguments.
2011-12-12 10:05:29 +02:00
numeric.c
8.4 pgindent run, with new combined Linux/FreeBSD/MinGW typedef list
2009-06-11 14:49:15 +00:00
numutils.c
Update copyright for 2009.
2009-01-01 17:24:05 +00:00
oid.c
Update copyright for 2009.
2009-01-01 17:24:05 +00:00
oracle_compat.c
8.4 pgindent run, with new combined Linux/FreeBSD/MinGW typedef list
2009-06-11 14:49:15 +00:00
pg_locale.c
8.4 pgindent run, with new combined Linux/FreeBSD/MinGW typedef list
2009-06-11 14:49:15 +00:00
pg_lzcompress.c
8.4 pgindent run, with new combined Linux/FreeBSD/MinGW typedef list
2009-06-11 14:49:15 +00:00
pgstatfuncs.c
Fix misplaced right paren bugs in pgstatfuncs.c.
2013-12-27 15:41:46 -06:00
pseudotypes.c
Update copyright for 2009.
2009-01-01 17:24:05 +00:00
quote.c
8.4 pgindent run, with new combined Linux/FreeBSD/MinGW typedef list
2009-06-11 14:49:15 +00:00
regexp.c
Fix regexp_matches() handling of zero-length matches.
2013-07-31 11:31:40 -04:00
regproc.c
Update copyright for 2009.
2009-01-01 17:24:05 +00:00
ri_triggers.c
Prevent indirect security attacks via changing session-local state within
2009-12-09 21:58:04 +00:00
rowtypes.c
Fix memory leaks in record_out() and record_send().
2012-11-13 14:44:52 -05:00
ruleutils.c
Avoid potential buffer overflow crash
2013-11-23 07:31:53 -05:00
selfuncs.c
Fix booltestsel() for case where we have NULL stats but not MCV stats.
2013-07-24 00:45:15 -04:00
tid.c
Update copyright for 2009.
2009-01-01 17:24:05 +00:00
timestamp.c
Fix overflow check in tm2timestamp (this time for sure).
2013-03-04 15:14:28 -05:00
trigfuncs.c
8.4 pgindent run, with new combined Linux/FreeBSD/MinGW typedef list
2009-06-11 14:49:15 +00:00
tsginidx.c
8.4 pgindent run, with new combined Linux/FreeBSD/MinGW typedef list
2009-06-11 14:49:15 +00:00
tsgistidx.c
8.4 pgindent run, with new combined Linux/FreeBSD/MinGW typedef list
2009-06-11 14:49:15 +00:00
tsquery_cleanup.c
Update copyright for 2009.
2009-01-01 17:24:05 +00:00
tsquery_gist.c
8.4 pgindent run, with new combined Linux/FreeBSD/MinGW typedef list
2009-06-11 14:49:15 +00:00
tsquery_op.c
Fix core dump in QTNodeCompare when tsquery_cmp() is applied to two empty
2010-08-03 00:10:52 +00:00
tsquery_rewrite.c
Fix incorrect cleanup of tsquery in ts_rewrite(). Per bug #4933 by
2009-07-28 09:32:23 +00:00
tsquery_util.c
Predict integer overflow to avoid buffer overruns.
2014-02-17 09:33:39 -05:00
tsquery.c
Predict integer overflow to avoid buffer overruns.
2014-02-17 09:33:39 -05:00
tsrank.c
8.4 pgindent run, with new combined Linux/FreeBSD/MinGW typedef list
2009-06-11 14:49:15 +00:00
tsvector_op.c
Fix potential memory clobber in tsvector_concat().
2011-08-26 16:51:52 -04:00
tsvector_parser.c
Update copyright for 2009.
2009-01-01 17:24:05 +00:00
tsvector.c
8.4 pgindent run, with new combined Linux/FreeBSD/MinGW typedef list
2009-06-11 14:49:15 +00:00
txid.c
Predict integer overflow to avoid buffer overruns.
2014-02-17 09:33:39 -05:00
uuid.c
8.4 pgindent run, with new combined Linux/FreeBSD/MinGW typedef list
2009-06-11 14:49:15 +00:00
varbit.c
Predict integer overflow to avoid buffer overruns.
2014-02-17 09:33:39 -05:00
varchar.c
Fix string truncation to be multibyte-aware in text_name and bpchar_name.
2012-05-25 17:35:14 -04:00
varlena.c
Fix regexp_matches() handling of zero-length matches.
2013-07-31 11:31:40 -04:00
version.c
Update copyright for 2009.
2009-01-01 17:24:05 +00:00
windowfuncs.c
8.4 pgindent run, with new combined Linux/FreeBSD/MinGW typedef list
2009-06-11 14:49:15 +00:00
xid.c
Update copyright for 2009.
2009-01-01 17:24:05 +00:00
xml.c
Prevent access to external files/URLs via XML entity references.
2012-08-14 18:32:43 -04:00