Fix buffer overrun after incomplete read in pullf_read_max().

Noah Misch <noah@leadboat.com>

Commit: ce6f261cd2df5f166ee21d54c4ad13f535193035
Author: Noah Misch <noah@leadboat.com>
Date: 2015-02-02T15:00:52Z
Releases: 9.0.19
Fix buffer overrun after incomplete read in pullf_read_max().

Most callers pass a stack buffer.  The ensuing stack smash can crash the
server, and we have not ruled out the viability of attacks that lead to
privilege escalation.  Back-patch to 9.0 (all supported versions).

Marko Tiikkaja

Security: CVE-2015-0243

Files