Skip to content

Commit d65a27f

Browse files
bmomjianbmomjian
committed
Hi,
I was able to crash postgres 6.5.3 when I did an 'alter user' command. After I started a debugger I found the problem in the timezone handling of datetime (my Linux box lost its timezone information, that's how the problem occurred). Only 7 bytes are reserved for the timezone, without checking for boundaries. Attached is a patch that fixes this problem and emits a NOTICE if a timezone is encountered that is longer than MAXTZLEN bytes, like this: Jeroen van Vianen
1 parent 469cf43 commit d65a27f

File tree

2 files changed

+24
-6
lines changed

2 files changed

+24
-6
lines changed

src/backend/utils/adt/dt.c

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -7,7 +7,7 @@
77
*
88
*
99
* IDENTIFICATION
10-
* $Header: /cvsroot/pgsql/src/backend/utils/adt/Attic/dt.c,v 1.76 1999/07/17 20:17:55 momjian Exp $
10+
* $Header: /cvsroot/pgsql/src/backend/utils/adt/Attic/dt.c,v 1.77 1999/12/09 05:02:24 momjian Exp $
1111
*
1212
*-------------------------------------------------------------------------
1313
*/
@@ -4327,7 +4327,7 @@ EncodeDateTime(struct tm * tm, double fsec, int *tzp, char **tzn, int style, cha
43274327
if ((*tzn != NULL) && (tm->tm_isdst >= 0))
43284328
{
43294329
strcpy((str + 27), " ");
4330-
strcpy((str + 28), *tzn);
4330+
strncpy((str + 28), *tzn, MAXTZLEN);
43314331
}
43324332
}
43334333
else
@@ -4336,7 +4336,7 @@ EncodeDateTime(struct tm * tm, double fsec, int *tzp, char **tzn, int style, cha
43364336
if ((*tzn != NULL) && (tm->tm_isdst >= 0))
43374337
{
43384338
strcpy((str + 24), " ");
4339-
strcpy((str + 25), *tzn);
4339+
strncpy((str + 25), *tzn, MAXTZLEN);
43404340
}
43414341
}
43424342

src/backend/utils/adt/nabstime.c

Lines changed: 21 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -4,7 +4,7 @@
44
*
55
* Copyright (c) 1994, Regents of the University of California
66
*
7-
* $Id: nabstime.c,v 1.61 1999/07/17 20:17:57 momjian Exp $
7+
* $Id: nabstime.c,v 1.62 1999/12/09 05:02:24 momjian Exp $
88
*
99
*/
1010
#include <ctype.h>
@@ -174,7 +174,16 @@ abstime2tm(AbsoluteTime time, int *tzp, struct tm * tm, char *tzn)
174174
*tzp = -tm->tm_gmtoff; /* tm_gmtoff is Sun/DEC-ism */
175175
/* XXX FreeBSD man pages indicate that this should work - tgl 97/04/23 */
176176
if (tzn != NULL)
177-
strcpy(tzn, tm->tm_zone);
177+
{
178+
/* Copy no more than MAXTZLEN bytes of timezone to tzn, in case it
179+
contains an error message, which doesn't fit in the buffer */
180+
strncpy(tzn, tm->tm_zone, MAXTZLEN);
181+
if (strlen(tm->tm_zone) > MAXTZLEN)
182+
{
183+
tzn[MAXTZLEN] = '\0';
184+
elog(NOTICE, "Invalid timezone \'%s\'", tm->tm_zone);
185+
}
186+
}
178187
#elif defined(HAVE_INT_TIMEZONE)
179188
if (tzp != NULL)
180189
#ifdef __CYGWIN__
@@ -183,7 +192,16 @@ abstime2tm(AbsoluteTime time, int *tzp, struct tm * tm, char *tzn)
183192
*tzp = (tm->tm_isdst ? (timezone - 3600) : timezone);
184193
#endif
185194
if (tzn != NULL)
186-
strcpy(tzn, tzname[tm->tm_isdst]);
195+
{
196+
/* Copy no more than MAXTZLEN bytes of timezone to tzn, in case it
197+
contains an error message, which doesn't fit in the buffer */
198+
strncpy(tzn, tzname[tm->tm_isdst], MAXTZLEN);
199+
if (strlen(tzname[tm->tm_isdst]) > MAXTZLEN)
200+
{
201+
tzn[MAXTZLEN] = '\0';
202+
elog(NOTICE, "Invalid timezone \'%s\'", tzname[tm->tm_isdst]);
203+
}
204+
}
187205
#else
188206
#error POSIX time support is broken
189207
#endif

0 commit comments

Comments
 (0)
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy