upstream/postgresql
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2026-04-25 16:18:21 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
postgresql/src/port/Makefile
Noah Misch e58f042d9a Add error-throwing wrappers for the printf family of functions. 
All known standard library implementations of these functions can fail
with ENOMEM.  A caller neglecting to check for failure would experience
missing output, information exposure, or a crash.  Check return values
within wrappers and code, currently just snprintf.c, that bypasses the
wrappers.  The wrappers do not return after an error, so their callers
need not check.  Back-patch to 9.0 (all supported versions).

Popular free software standard library implementations do take pains to
bypass malloc() in simple cases, but they risk ENOMEM for floating point
numbers, positional arguments, large field widths, and large precisions.
No specification demands such caution, so this commit regards every call
to a printf family function as a potential threat.

Injecting the wrappers implicitly is a compromise between patch scope
and design goals.  I would prefer to edit each call site to name a
wrapper explicitly.  libpq and the ECPG libraries would, ideally, convey
errors to the caller rather than abort().  All that would be painfully
invasive for a back-patched security fix, hence this compromise.

Security: CVE-2015-3166
2015-05-18 10:02:38 -04:00

102 lines
3.1 KiB
Makefile
Raw Blame History

#-------------------------------------------------------------------------
#
# Makefile
# Makefile for the port-specific subsystem of the backend
#
# These files are used in other directories for portability on systems
# with broken/missing library files, and for common code sharing.
#
# This makefile generates two outputs:
#
# libpgport.a - contains object files with FRONTEND defined,
# for use by client application and libraries
#
# libpgport_srv.a - contains object files without FRONTEND defined,
# for use only by the backend binaries
#
# LIBOBJS is set by configure (via Makefile.global) to be the list of object
# files that are conditionally needed as determined by configure's probing.
# OBJS adds additional object files that are always compiled.
#
# IDENTIFICATION
# src/port/Makefile
#
#-------------------------------------------------------------------------
subdir = src/port
top_builddir = ../..
include $(top_builddir)/src/Makefile.global
override CPPFLAGS := -I$(top_builddir)/src/port -DFRONTEND $(CPPFLAGS)
LIBS += $(PTHREAD_LIBS)
OBJS = $(LIBOBJS) chklocale.o dirmod.o exec.o inet_net_ntop.o noblock.o \
path.o pgcheckdir.o pgmkdirp.o pgsleep.o pgstrcasecmp.o \
qsort.o qsort_arg.o sprompt.o syswrap.o thread.o
# foo_srv.o and foo.o are both built from foo.c, but only foo.o has -DFRONTEND
OBJS_SRV = $(OBJS:%.o=%_srv.o)
all: libpgport.a libpgport_srv.a
# libpgport is needed by some contrib
install: all installdirs
$(INSTALL_STLIB) libpgport.a '$(DESTDIR)$(libdir)/libpgport.a'
installdirs:
$(MKDIR_P) '$(DESTDIR)$(libdir)'
uninstall:
rm -f '$(DESTDIR)$(libdir)/libpgport.a'
libpgport.a: $(OBJS)
rm -f $@
$(AR) $(AROPT) $@ $^
# thread.o needs PTHREAD_CFLAGS (but thread_srv.o does not)
thread.o: thread.c
$(CC) $(CFLAGS) $(CPPFLAGS) $(PTHREAD_CFLAGS) -c $<
#
# Server versions of object files
#
libpgport_srv.a: $(OBJS_SRV)
rm -f $@
$(AR) $(AROPT) $@ $^
%_srv.o: %.c
$(CC) $(CFLAGS) $(subst -DFRONTEND,, $(CPPFLAGS)) -c $< -o $@
$(OBJS_SRV): | submake-errcodes
.PHONY: submake-errcodes
submake-errcodes:
$(MAKE) -C ../backend submake-errcodes
# Dependency is to ensure that path changes propagate
path.o: path.c pg_config_paths.h
path_srv.o: path.c pg_config_paths.h
# We create a separate file rather than put these in pg_config.h
# because many of these values come from makefiles and are not
# available to configure.
pg_config_paths.h: $(top_builddir)/src/Makefile.global
echo "#define PGBINDIR \"$(bindir)\"" >$@
echo "#define PGSHAREDIR \"$(datadir)\"" >>$@
echo "#define SYSCONFDIR \"$(sysconfdir)\"" >>$@
echo "#define INCLUDEDIR \"$(includedir)\"" >>$@
echo "#define PKGINCLUDEDIR \"$(pkgincludedir)\"" >>$@
echo "#define INCLUDEDIRSERVER \"$(includedir_server)\"" >>$@
echo "#define LIBDIR \"$(libdir)\"" >>$@
echo "#define PKGLIBDIR \"$(pkglibdir)\"" >>$@
echo "#define LOCALEDIR \"$(localedir)\"" >>$@
echo "#define DOCDIR \"$(docdir)\"" >>$@
echo "#define HTMLDIR \"$(htmldir)\"" >>$@
echo "#define MANDIR \"$(mandir)\"" >>$@
clean distclean maintainer-clean:
rm -f libpgport.a libpgport_srv.a $(OBJS) $(OBJS_SRV) pg_config_paths.h
Reference in a new issue View git blame Copy permalink