upstream/postgresql
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2026-03-14 06:32:18 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
postgresql/src
History
Noah Misch 0b7026d964 Predict integer overflow to avoid buffer overruns. 
Several functions, mostly type input functions, calculated an allocation
size such that the calculation wrapped to a small positive value when
arguments implied a sufficiently-large requirement.  Writes past the end
of the inadvertent small allocation followed shortly thereafter.
Coverity identified the path_in() vulnerability; code inspection led to
the rest.  In passing, add check_stack_depth() to prevent stack overflow
in related functions.

Back-patch to 8.4 (all supported versions).  The non-comment hstore
changes touch code that did not exist in 8.4, so that part stops at 9.0.

Noah Misch and Heikki Linnakangas, reviewed by Tom Lane.

Security: CVE-2014-0064
2014-02-17 09:33:37 -05:00
..
backend Predict integer overflow to avoid buffer overruns. 2014-02-17 09:33:37 -05:00
bin Clean up error cases in psql's COPY TO STDOUT/FROM STDIN code. 2014-02-13 18:45:23 -05:00
include Predict integer overflow to avoid buffer overruns. 2014-02-17 09:33:37 -05:00
interfaces Fix handling of wide datetime input/output. 2014-02-17 09:33:37 -05:00
makefiles Don't use deprecated dllwrap on Cygwin. 2014-02-01 16:14:01 -05:00
pl Prevent privilege escalation in explicit calls to PL validators. 2014-02-17 09:33:36 -05:00
port Add "SHIFT_JIS" as an accepted encoding name for locale checking. 2013-12-15 11:10:56 +09:00
template Remove cvs keywords from all files. 2010-09-20 22:08:53 +02:00
test Fix handling of wide datetime input/output. 2014-02-17 09:33:37 -05:00
timezone Ooops, forgot to remove solar87 and friends from src/timezone/Makefile. 2014-02-14 23:20:24 -05:00
tools Don't generate plain-text HISTORY and src/test/regress/README anymore. 2014-02-10 20:48:23 -05:00
tutorial Modernize string literal syntax in tutorial example. 2013-01-19 17:21:08 -05:00
.gitignore Convert cvsignore to gitignore, and add .gitignore for build targets. 2010-09-22 12:57:04 +02:00
bcc32.mak Remove useless whitespace at end of lines 2010-11-23 22:34:55 +02:00
DEVELOPERS Replace a couple of references to files that no longer exist in the source 2009-05-04 08:08:47 +00:00
Makefile Fix some oversights in distprep and maintainer-clean targets. 2011-03-10 00:04:05 -05:00
Makefile.global.in Revert "Backpatch pgxs vpath build and installation fixes (v2)" 2013-10-07 22:39:30 -04:00
Makefile.shlib fix whitespace 2014-02-01 16:30:14 -05:00
nls-global.mk Fix makefile logic to not break the build when xgettext is missing 2010-10-14 23:16:46 +03:00
win32.mak Remove useless whitespace at end of lines 2010-11-23 22:34:55 +02:00