mirror of
https://github.com/postgres/postgres.git
synced 2026-03-11 10:45:17 -04:00
c81062e8e1
Fix a small number of places that were testing the result of snprintf() but doing so incorrectly. The right test for buffer overrun, per C99, is "result >= bufsize" not "result > bufsize". Some places were also checking for failure with "result == -1", but the standard only says that a negative value is delivered on failure. (Note that this only makes these places correct if snprintf() delivers C99-compliant results. But at least now these places are consistent with all the other places where we assume that.) Also, make psql_start_test() and isolation_start_test() check for buffer overrun while constructing their shell commands. There seems like a higher risk of overrun, with more severe consequences, here than there is for the individual file paths that are made elsewhere in the same functions, so this seemed like a worthwhile change. Also fix guc.c's do_serialize() to initialize errno = 0 before calling vsnprintf. In principle, this should be unnecessary because vsnprintf should have set errno if it returns a failure indication ... but the other two places this coding pattern is cribbed from don't assume that, so let's be consistent. These errors are all very old, so back-patch as appropriate. I think that only the shell command overrun cases are even theoretically reachable in practice, but there's not much point in erroneous error checks. Discussion: https://postgr.es/m/17245.1534289329@sss.pgh.pa.us |
||
|---|---|---|
| .. | ||
| adt | ||
| cache | ||
| error | ||
| fmgr | ||
| hash | ||
| init | ||
| mb | ||
| misc | ||
| mmgr | ||
| resowner | ||
| sort | ||
| time | ||
| .gitignore | ||
| errcodes.txt | ||
| Gen_dummy_probes.pl | ||
| Gen_dummy_probes.sed | ||
| Gen_fmgrtab.pl | ||
| generate-errcodes.pl | ||
| Makefile | ||
| probes.d | ||