upstream/postgresql
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2026-02-17 09:42:54 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
Base de données relationnelle
60473 commits 38 branches 674 tags 838 MiB
C 84.9%
PLpgSQL 6.1%
Perl 4.7%
Yacc 1.2%
Meson 0.7%
Other 2.2%
Find a file
Andres Freund efdadeb223 Fix PQescapeLiteral()/PQescapeIdentifier() length handling 
In 5dc1e42b4f I fixed bugs in various escape functions, unfortunately as part
of that I introduced a new bug in PQescapeLiteral()/PQescapeIdentifier(). The
bug is that I made PQescapeInternal() just use strlen(), rather than taking
the specified input length into account.

That's bad, because it can lead to including input that wasn't intended to be
included (in case len is shorter than null termination of the string) and
because it can lead to reading invalid memory if the input string is not null
terminated.

Expand test_escape to this kind of bug:

a) for escape functions with length support, append data that should not be
   escaped and check that it is not

b) add valgrind requests to detect access of bytes that should not be touched

Author: Tom Lane <tgl@sss.pgh.pa.us>
Author: Andres Freund <andres@anarazel.de
Reviewed-by: Tom Lane <tgl@sss.pgh.pa.us>
Reviewed-by: Noah Misch <noah@leadboat.com>
Discussion: https://postgr.es/m/Z64jD3u46gObCo1p@pryzbyj2023
Backpatch: 13
2025-02-14 18:09:19 -05:00
.github Add CODE_OF_CONDUCT.md, CONTRIBUTING.md, and SECURITY.md. 2024-07-02 13:03:58 -05:00
config Remove flex version checks 2025-01-17 09:30:42 +01:00
contrib pgcrypto: Add support for CFB mode in AES encryption 2025-02-14 21:18:37 +01:00
doc Add delay time to VACUUM/ANALYZE (VERBOSE) and autovacuum logs. 2025-02-14 14:53:28 -06:00
src Fix PQescapeLiteral()/PQescapeIdentifier() length handling 2025-02-14 18:09:19 -05:00
.cirrus.star Remove duplicate words in docs and code comments. 2023-10-09 09:18:47 +05:30
.cirrus.tasks.yml ci: Collect core files on NetBSD and OpenBSD 2025-02-12 09:40:20 -05:00
.cirrus.yml ci: Test NetBSD and OpenBSD 2025-02-12 09:40:07 -05:00
.dir-locals.el
.editorconfig Add script to keep .editorconfig in sync with .gitattributes 2025-02-01 10:09:45 +01:00
.git-blame-ignore-revs Add commit 76aa615943 to .git-blame-ignore-revs 2025-02-01 16:48:18 +09:00
.gitattributes Add script to keep .editorconfig in sync with .gitattributes 2025-02-01 10:09:45 +01:00
.gitignore Update top-level .gitignore. 2022-12-04 15:23:00 -05:00
.mailmap Add a Git .mailmap file 2024-11-05 13:56:02 +01:00
aclocal.m4 autoconf: Move export_dynamic determination to configure 2022-12-06 18:55:28 -08:00
configure Remove support for linking with libeay32 and ssleay32 2025-02-06 20:26:46 +01:00
configure.ac Remove support for linking with libeay32 and ssleay32 2025-02-06 20:26:46 +01:00
COPYRIGHT Update copyright for 2025 2025-01-01 11:21:55 -05:00
GNUmakefile.in Allow selecting the git revision to be packaged by "make dist". 2024-05-03 11:08:50 -04:00
HISTORY
Makefile Remove AIX support 2024-02-28 15:17:23 +04:00
meson.build meson: Fix failure to detect bsd_auth.h presence 2025-02-12 08:15:53 -05:00
meson_options.txt Update copyright for 2025 2025-01-01 11:21:55 -05:00
README.md Revise the style of a paragraph in README.md. 2024-03-21 10:16:41 -05:00

README.md

PostgreSQL Database Management System

This directory contains the source code distribution of the PostgreSQL database management system.

PostgreSQL is an advanced object-relational database management system that supports an extended subset of the SQL standard, including transactions, foreign keys, subqueries, triggers, user-defined types and functions. This distribution also contains C language bindings.

Copyright and license information can be found in the file COPYRIGHT.

General documentation about this version of PostgreSQL can be found at https://www.postgresql.org/docs/devel/. In particular, information about building PostgreSQL from the source code can be found at https://www.postgresql.org/docs/devel/installation.html.

The latest version of this software, and related software, may be obtained at https://www.postgresql.org/download/. For more information look at our web site located at https://www.postgresql.org/.