upstream/postgresql
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2026-03-14 14:42:30 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
postgresql/src/include/utils
History
Noah Misch 6a10e57b0f Fix handling of wide datetime input/output. 
Many server functions use the MAXDATELEN constant to size a buffer for
parsing or displaying a datetime value.  It was much too small for the
longest possible interval output and slightly too small for certain
valid timestamp input, particularly input with a long timezone name.
The long input was rejected needlessly; the long output caused
interval_out() to overrun its buffer.  ECPG's pgtypes library has a copy
of the vulnerable functions, which bore the same vulnerabilities along
with some of its own.  In contrast to the server, certain long inputs
caused stack overflow rather than failing cleanly.  Back-patch to 8.4
(all supported versions).

Reported by Daniel Schüssler, reviewed by Tom Lane.

Security: CVE-2014-0063
2014-02-17 09:33:37 -05:00
..
.gitignore Avoid maintaining three separate copies of the error codes list. 2011-02-03 22:32:49 -05:00
acl.h Remove partial and undocumented GRANT .. FOREIGN TABLE support. 2011-04-25 16:39:18 -04:00
array.h Add FOREACH IN ARRAY looping to plpgsql. 2011-02-16 01:53:03 -05:00
ascii.h Stamp copyrights for year 2011. 2011-01-01 13:18:15 -05:00
attoptcache.h Fix include-guard 2013-07-07 13:38:57 +02:00
builtins.h Back-patch fix for extraction of fixed prefixes from regular expressions. 2012-07-10 18:00:44 -04:00
bytea.h pgindent run before PG 9.1 beta 1. 2011-04-10 11:42:00 -04:00
cash.h Add casts from int4 and int8 to numeric. 2011-04-05 09:35:43 -04:00
catcache.h Stamp copyrights for year 2011. 2011-01-01 13:18:15 -05:00
combocid.h Stamp copyrights for year 2011. 2011-01-01 13:18:15 -05:00
date.h Stamp copyrights for year 2011. 2011-01-01 13:18:15 -05:00
datetime.h Fix handling of wide datetime input/output. 2014-02-17 09:33:37 -05:00
datum.h Stamp copyrights for year 2011. 2011-01-01 13:18:15 -05:00
dynahash.h Stamp copyrights for year 2011. 2011-01-01 13:18:15 -05:00
dynamic_loader.h Stamp copyrights for year 2011. 2011-01-01 13:18:15 -05:00
elog.h Add an errdetail_internal() ereport auxiliary routine. 2011-07-16 14:22:32 -04:00
fmgrtab.h Stamp copyrights for year 2011. 2011-01-01 13:18:15 -05:00
formatting.h Fix to_char() to use ASCII-only case-folding rules where appropriate. 2013-03-05 13:02:38 -05:00
geo_decls.h Stamp copyrights for year 2011. 2011-01-01 13:18:15 -05:00
guc.h Improve and simplify CREATE EXTENSION's management of GUC variables. 2011-10-05 20:44:22 -04:00
guc_tables.h Reclassify replication-related GUC variables as "master" and "standby". 2011-07-07 15:11:56 -04:00
help_config.h Stamp copyrights for year 2011. 2011-01-01 13:18:15 -05:00
hsearch.h Pgindent run before 9.1 beta2. 2011-06-09 14:32:50 -04:00
inet.h Revert the behavior of inet/cidr functions to not unpack the arguments. 2011-12-12 10:05:15 +02:00
int8.h Stamp copyrights for year 2011. 2011-01-01 13:18:15 -05:00
inval.h Stamp copyrights for year 2011. 2011-01-01 13:18:15 -05:00
logtape.h Stamp copyrights for year 2011. 2011-01-01 13:18:15 -05:00
lsyscache.h Remove assumptions that not-equals operators cannot be in any opclass. 2011-07-06 14:53:42 -04:00
memutils.h Fix obsolete comment. 2011-02-15 13:27:54 -05:00
nabstime.h Stamp copyrights for year 2011. 2011-01-01 13:18:15 -05:00
numeric.h pgindent run before PG 9.1 beta 1. 2011-04-10 11:42:00 -04:00
palloc.h Stamp copyrights for year 2011. 2011-01-01 13:18:15 -05:00
pg_crc.h Stamp copyrights for year 2011. 2011-01-01 13:18:15 -05:00
pg_locale.h Fix char2wchar/wchar2char to support collations properly. 2011-04-23 12:35:41 -04:00
pg_lzcompress.h Remove cvs keywords from all files. 2010-09-20 22:08:53 +02:00
pg_rusage.h Stamp copyrights for year 2011. 2011-01-01 13:18:15 -05:00
plancache.h Stamp copyrights for year 2011. 2011-01-01 13:18:15 -05:00
portal.h Run a portal's cleanup hook immediately when pushing it to FAILED state. 2012-02-15 16:18:39 -05:00
ps_status.h Remove cvs keywords from all files. 2010-09-20 22:08:53 +02:00
rbtree.h pgindent run before PG 9.1 beta 1. 2011-04-10 11:42:00 -04:00
rel.h Fix failure to ignore leftover temp tables after a server crash. 2012-12-17 20:15:45 -05:00
relcache.h Fix race condition in relcache init file invalidation. 2011-08-16 13:12:03 -04:00
relmapper.h Stamp copyrights for year 2011. 2011-01-01 13:18:15 -05:00
resowner.h Stamp copyrights for year 2011. 2011-01-01 13:18:15 -05:00
selfuncs.h Refactor pattern_fixed_prefix() to avoid dealing in incomplete patterns. 2012-07-09 23:23:09 -04:00
snapmgr.h Rearrange snapshot handling to make rule expansion more consistent. 2011-02-28 23:28:06 -05:00
snapshot.h Stamp copyrights for year 2011. 2011-01-01 13:18:15 -05:00
spccache.h Stamp copyrights for year 2011. 2011-01-01 13:18:15 -05:00
syscache.h Per-column collation support 2011-02-08 23:04:18 +02:00
timestamp.h Expand the allowed range of timezone offsets to +/-15:59:59 from Greenwich. 2012-05-30 19:58:41 -04:00
tqual.h Stamp copyrights for year 2011. 2011-01-01 13:18:15 -05:00
tuplesort.h Pass collations to functions in FunctionCallInfoData, not FmgrInfo. 2011-04-12 19:19:24 -04:00
tuplestore.h Stamp copyrights for year 2011. 2011-01-01 13:18:15 -05:00
typcache.h Fix failure to check whether a rowtype's component types are sortable. 2011-06-03 15:39:17 -04:00
tzparser.h Revise the API for GUC variable assign hooks. 2011-04-07 00:12:02 -04:00
uuid.h Stamp copyrights for year 2011. 2011-01-01 13:18:15 -05:00
varbit.h pgindent run before PG 9.1 beta 1. 2011-04-10 11:42:00 -04:00
xml.h pgindent run before PG 9.1 beta 1. 2011-04-10 11:42:00 -04:00