Skip to content

Commit 9e0e148

Browse files
tglsfdctglsfdc
committed
pq_getstr didn't handle buffer overrun correctly; it would
fail to consume the rest of the input string, and worse it would write one more byte than it should into the buffer, probably resulting in coredump. Fortunately there's a correct implementation next door in pqcomprim.c.
1 parent e50feea commit 9e0e148

File tree

1 file changed

+13
-26
lines changed

1 file changed

+13
-26
lines changed

src/backend/libpq/pqcomm.c

Lines changed: 13 additions & 26 deletions
Original file line numberDiff line numberDiff line change
@@ -7,7 +7,7 @@
77
*
88
*
99
* IDENTIFICATION
10-
* $Header: /cvsroot/pgsql/src/backend/libpq/pqcomm.c,v 1.57 1998/10/13 20:44:40 scrappy Exp $
10+
* $Header: /cvsroot/pgsql/src/backend/libpq/pqcomm.c,v 1.58 1998/11/29 01:47:42 tgl Exp $
1111
*
1212
*-------------------------------------------------------------------------
1313
*/
@@ -108,6 +108,9 @@ pq_init(int fd)
108108
*
109109
* used for debugging libpq
110110
*/
111+
112+
#if 0 /* not used anymore */
113+
111114
static int
112115
pq_getc(FILE *fin)
113116
{
@@ -119,6 +122,8 @@ pq_getc(FILE *fin)
119122
return c;
120123
}
121124

125+
#endif
126+
122127
/* --------------------------------
123128
* pq_gettty - return the name of the tty in the given buffer
124129
* --------------------------------
@@ -181,15 +186,9 @@ pq_flush()
181186
int
182187
pq_getstr(char *s, int maxlen)
183188
{
184-
int c = '\0';
185-
189+
int c;
186190
#ifdef MULTIBYTE
187-
unsigned char *p,
188-
*ps;
189-
int len;
190-
191-
ps = s;
192-
len = maxlen;
191+
char *p;
193192
#endif
194193

195194
if (Pfin == (FILE *) NULL)
@@ -198,27 +197,15 @@ pq_getstr(char *s, int maxlen)
198197
return EOF;
199198
}
200199

201-
while (maxlen-- && (c = pq_getc(Pfin)) != EOF && c)
202-
*s++ = c;
203-
*s = '\0';
200+
c = pqGetString(s, maxlen, Pfin);
204201

205202
#ifdef MULTIBYTE
206-
p = pg_client_to_server(ps, len);
207-
if (ps != p)
208-
{ /* actual conversion has been done? */
209-
strcpy(ps, p);
210-
}
203+
p = (char*) pg_client_to_server((unsigned char *) s, maxlen);
204+
if (s != p) /* actual conversion has been done? */
205+
strcpy(s, p);
211206
#endif
212207

213-
/* -----------------
214-
* If EOF reached let caller know.
215-
* (This will only happen if we hit EOF before the string
216-
* delimiter is reached.)
217-
* -----------------
218-
*/
219-
if (c == EOF)
220-
return EOF;
221-
return !EOF;
208+
return c;
222209
}
223210

224211
/*

0 commit comments

Comments
 (0)
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy