upstream/postgresql
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2026-02-12 15:23:16 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
postgresql/src
History
Noah Misch 12bbce15d9 Predict integer overflow to avoid buffer overruns. 
Several functions, mostly type input functions, calculated an allocation
size such that the calculation wrapped to a small positive value when
arguments implied a sufficiently-large requirement.  Writes past the end
of the inadvertent small allocation followed shortly thereafter.
Coverity identified the path_in() vulnerability; code inspection led to
the rest.  In passing, add check_stack_depth() to prevent stack overflow
in related functions.

Back-patch to 8.4 (all supported versions).  The non-comment hstore
changes touch code that did not exist in 8.4, so that part stops at 9.0.

Noah Misch and Heikki Linnakangas, reviewed by Tom Lane.

Security: CVE-2014-0064
2014-02-17 09:33:33 -05:00
..
backend Predict integer overflow to avoid buffer overruns. 2014-02-17 09:33:33 -05:00
bin Clean up error cases in psql's COPY TO STDOUT/FROM STDIN code. 2014-02-13 18:45:20 -05:00
include Predict integer overflow to avoid buffer overruns. 2014-02-17 09:33:33 -05:00
interfaces Fix handling of wide datetime input/output. 2014-02-17 09:33:33 -05:00
makefiles Don't use deprecated dllwrap on Cygwin. 2014-02-01 16:13:46 -05:00
pl Prevent privilege escalation in explicit calls to PL validators. 2014-02-17 09:33:33 -05:00
port Add "SHIFT_JIS" as an accepted encoding name for locale checking. 2013-12-15 11:10:49 +09:00
template Remove BSD/OS (BSDi) port. There are no known users upgrading to 2012-05-03 10:58:44 -04:00
test Fix handling of wide datetime input/output. 2014-02-17 09:33:33 -05:00
timezone Ooops, forgot to remove solar87 and friends from src/timezone/Makefile. 2014-02-14 23:20:20 -05:00
tools Don't generate plain-text HISTORY and src/test/regress/README anymore. 2014-02-10 20:48:20 -05:00
tutorial Modernize string literal syntax in tutorial example. 2013-01-19 17:20:56 -05:00
.gitignore Convert cvsignore to gitignore, and add .gitignore for build targets. 2010-09-22 12:57:04 +02:00
bcc32.mak Remove useless whitespace at end of lines 2010-11-23 22:34:55 +02:00
DEVELOPERS Replace a couple of references to files that no longer exist in the source 2009-05-04 08:08:47 +00:00
Makefile Fix some oversights in distprep and maintainer-clean targets. 2011-03-10 00:04:05 -05:00
Makefile.global.in Revert "Backpatch pgxs vpath build and installation fixes (v2)" 2013-10-07 22:37:26 -04:00
Makefile.shlib fix whitespace 2014-02-01 16:30:18 -05:00
nls-global.mk Lots of doc corrections. 2012-04-23 22:43:09 -04:00
win32.mak Remove useless whitespace at end of lines 2010-11-23 22:34:55 +02:00