Avoid potential buffer overflow crash

Peter Eisentraut <peter_e@gmx.net>

Commit: 0f8ff3e467b2b52e8c0c44b01a1f9a4495949ba1
Author: Peter Eisentraut <peter_e@gmx.net>
Date: 2013-11-23T12:30:16Z
Releases: 9.3.2
Avoid potential buffer overflow crash

A pointer to a C string was treated as a pointer to a "name" datum and
passed to SPI_execute_plan().  This pointer would then end up being
passed through datumCopy(), which would try to copy the entire 64 bytes
of name data, thus running past the end of the C string.  Fix by
converting the string to a proper name structure.

Found by LLVM AddressSanitizer.

Files

PathChange+/−
src/backend/utils/adt/ruleutils.c modified +1 −1