Overruns (was: 'pgsql/src/backend/lib stringinfo.c')
Goran Thyni <goran@bildbasen.se>
From: Goran Thyni <goran@bildbasen.se>
To: Bruce Momjian <maillist@candle.pha.pa.us>
Cc: Tom Lane <tgl@hub.org>, PostgreSQL-development <hackers@postgreSQL.org>
Date: 1998-11-09T08:40:54Z
Lists: pgsql-hackers
Bruce Momjian wrote:
>
> > Update of /usr/local/cvsroot/pgsql/src/backend/lib
> > In directory hub.org:/tmp/cvs-serv21717
> >
> > Modified Files:
> > stringinfo.c
> > Log Message:
> > Fix a potential infinite loop in appendStringInfo: would lock
> > up if first string to be appended to an empty StringInfo was longer
> > than the initial space allocation.
> > Also speed it up slightly.
>
> Does this remove the need for vsnprintf?
I don't think so,
vsprintf is still used if 6 places in to src tree, 5 of them is in
the backend. Each of these should be examined to determent wheater
those can be rewritten or if vsnprintf is needed.
To make matter worse:
guevara-goran# pwd
/usr/local/src/cvs/pgsql/src
guevara-goran# grep -n sprintf `find .` | wc -l
875
guevara-goran# cd backend/
guevara-goran# grep -n sprintf `find .` | wc -l
474
Their is lot of potential overruns in there,
and since pgsql is a net(-able) server we
should take that seriously.
I will look closer at these issues as time permits.
mvh,
--
---------------------------------------------
Göran Thyni, sysadm, JMS Bildbasen, Kiruna