Detect buffer underflow in get_th()
Peter Eisentraut <peter@eisentraut.org>
Author:
Peter Eisentraut <peter@eisentraut.org>
Date: 2025-08-18T09:03:22Z
Releases:
19 (unreleased)
Detect buffer underflow in get_th() Input with zero length can result in a buffer underflow when accessing *(num + (len - 1)), as (len - 1) would produce a negative index. Add an assertion for zero-length input to prevent it. This was found by ALT Linux Team. Reviewing the call sites shows that get_th() currently cannot be applied to an empty string: it is always called on a string containing a number we've just printed. Therefore, an assertion rather than a user-facing error message is sufficient. Co-authored-by: Alexander Kuznetsov <kuznetsovam@altlinux.org> Discussion: https://www.postgresql.org/message-id/flat/e22df993-cdb4-4d0a-b629-42211ebed582@altlinux.org
Files
| Path | Change | +/− |
|---|---|---|
| src/backend/utils/adt/formatting.c | modified | +2 −0 |
Discussion
- Detect buffer underflow in get_th() 6 messages · 2024-07-24 → 2025-08-18