Menu
▾
▴
postgres-xc-committers — Announces PG-XC repository commits
You can subscribe to this list here.
| 2010 |
Jan
|
Feb
|
Mar
|
Apr
(4) |
May
(28) |
Jun
(12) |
Jul
(11) |
Aug
(12) |
Sep
(5) |
Oct
(19) |
Nov
(14) |
Dec
(12) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2011 |
Jan
(18) |
Feb
(30) |
Mar
(115) |
Apr
(89) |
May
(50) |
Jun
(44) |
Jul
(22) |
Aug
(13) |
Sep
(11) |
Oct
(30) |
Nov
(28) |
Dec
(39) |
| 2012 |
Jan
(38) |
Feb
(18) |
Mar
(43) |
Apr
(91) |
May
(108) |
Jun
(46) |
Jul
(37) |
Aug
(44) |
Sep
(33) |
Oct
(29) |
Nov
(36) |
Dec
(15) |
| 2013 |
Jan
(35) |
Feb
(611) |
Mar
(5) |
Apr
(55) |
May
(30) |
Jun
(28) |
Jul
(458) |
Aug
(34) |
Sep
(9) |
Oct
(39) |
Nov
(22) |
Dec
(32) |
| 2014 |
Jan
(16) |
Feb
(16) |
Mar
(42) |
Apr
(179) |
May
(7) |
Jun
(6) |
Jul
(9) |
Aug
|
Sep
(4) |
Oct
|
Nov
(3) |
Dec
|
| 2015 |
Jan
|
Feb
|
Mar
|
Apr
(2) |
May
(4) |
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
| S | M | T | W | T | F | S |
|---|---|---|---|---|---|---|
|
|
|
|
1
|
2
(1) |
3
|
4
|
|
5
|
6
|
7
|
8
|
9
(4) |
10
(1) |
11
|
|
12
|
13
(1) |
14
(1) |
15
|
16
(1) |
17
|
18
|
|
19
|
20
|
21
(1) |
22
(1) |
23
(1) |
24
|
25
|
|
26
|
27
|
28
|
29
|
30
|
31
|
|
|
From: Pavan D. <pa...@us...> - 2010-12-02 06:57:20
|
Project "Postgres-XC".
The branch, master has been updated
via 6d5e89eb5a30fd6f3e5256e40e3376ee8063f93e (commit)
from c66ed018bf6e7295c576286bba275af109b4bcb9 (commit)
- Log -----------------------------------------------------------------
commit 6d5e89eb5a30fd6f3e5256e40e3376ee8063f93e
Author: Pavan Deolasee <pav...@gm...>
Date: Thu Dec 2 12:21:42 2010 +0530
Check for buffer overflow while constructing gtm/gtm_proxy start/stop commands.
In passing, also fix another bug where an uninitialized var was being used.
Bug report and patch by Xiong Wang (Benny) with some tweaks by me
diff --git a/src/gtm/gtm_ctl/gtm_ctl.c b/src/gtm/gtm_ctl/gtm_ctl.c
index 3b01796..46d9364 100644
--- a/src/gtm/gtm_ctl/gtm_ctl.c
+++ b/src/gtm/gtm_ctl/gtm_ctl.c
@@ -246,26 +246,52 @@ static int
start_gtm(void)
{
char cmd[MAXPGPATH];
+ char gtm_app_path[MAXPGPATH];
+ int len;
+
/*
* Since there might be quotes to handle here, it is easier simply to pass
* everything to a shell to process them.
*/
+ memset(gtm_app_path, 0, MAXPGPATH);
+ memset(cmd, 0, MAXPGPATH);
+
+ /*
+ * Construct gtm binary path. We should leave one byte at the end for '\0'
+ */
+ len = 0;
if (gtm_path != NULL)
{
- strcat(gtm_path, "/");
- strcat(gtm_path, gtm_app);
+ strncpy(gtm_app_path, gtm_path, MAXPGPATH - len - 1);
+
+ len = strlen(gtm_app_path);
+ strncat(gtm_app_path, "/", MAXPGPATH - len - 1);
+
+ len = strlen(gtm_app_path);
}
- else
- gtm_path = gtm_app;
+
+ if (strlen(gtm_app) >= (MAXPGPATH - len - 1))
+ {
+ write_stderr("gtm command exceeds max size");
+ exit(1);
+ }
+
+ strncat(gtm_app_path, gtm_app, MAXPGPATH - len - 1);
if (log_file != NULL)
- snprintf(cmd, MAXPGPATH, SYSTEMQUOTE "\"%s\" %s%s < \"%s\" >> \"%s\" 2>&1 &" SYSTEMQUOTE,
- gtm_path, gtmdata_opt, gtm_opts,
+ len = snprintf(cmd, MAXPGPATH - 1, SYSTEMQUOTE "\"%s\" %s%s < \"%s\" >> \"%s\" 2>&1 &" SYSTEMQUOTE,
+ gtm_app_path, gtmdata_opt, gtm_opts,
DEVNULL, log_file);
else
- snprintf(cmd, MAXPGPATH, SYSTEMQUOTE "\"%s\" %s%s < \"%s\" 2>&1 &" SYSTEMQUOTE,
- gtm_path, gtmdata_opt, gtm_opts, DEVNULL);
+ len = snprintf(cmd, MAXPGPATH - 1, SYSTEMQUOTE "\"%s\" %s%s < \"%s\" 2>&1 &" SYSTEMQUOTE,
+ gtm_app_path, gtmdata_opt, gtm_opts, DEVNULL);
+
+ if (len >= MAXPGPATH - 1)
+ {
+ write_stderr("gtm command exceeds max size");
+ exit(1);
+ }
return system(cmd);
}
@@ -376,14 +402,13 @@ read_gtm_opts(void)
{
int len;
char *optline;
- char *arg1;
optline = optlines[0];
/* trim off line endings */
len = strcspn(optline, "\r\n");
optline[len] = '\0';
- gtm_opts = arg1;
+ gtm_opts = optline;
}
}
}
diff --git a/src/gtm/libpq/pqformat.c b/src/gtm/libpq/pqformat.c
index 339f50a..41ef105 100644
--- a/src/gtm/libpq/pqformat.c
+++ b/src/gtm/libpq/pqformat.c
@@ -134,20 +134,9 @@ pq_sendcountedtext(StringInfo buf, const char *str, int slen,
bool countincludesself)
{
int extra = countincludesself ? 4 : 0;
- char *p;
- if (p != str) /* actual conversion has been done? */
- {
- slen = strlen(p);
- pq_sendint(buf, slen + extra, 4);
- appendBinaryStringInfo(buf, p, slen);
- pfree(p);
- }
- else
- {
- pq_sendint(buf, slen + extra, 4);
- appendBinaryStringInfo(buf, str, slen);
- }
+ pq_sendint(buf, slen + extra, 4);
+ appendBinaryStringInfo(buf, str, slen);
}
/* --------------------------------
@@ -163,16 +152,7 @@ pq_sendcountedtext(StringInfo buf, const char *str, int slen,
void
pq_sendtext(StringInfo buf, const char *str, int slen)
{
- char *p;
-
- if (p != str) /* actual conversion has been done? */
- {
- slen = strlen(p);
- appendBinaryStringInfo(buf, p, slen);
- pfree(p);
- }
- else
- appendBinaryStringInfo(buf, str, slen);
+ appendBinaryStringInfo(buf, str, slen);
}
/* --------------------------------
-----------------------------------------------------------------------
Summary of changes:
src/gtm/gtm_ctl/gtm_ctl.c | 45 +++++++++++++++++++++++++++++++++++----------
src/gtm/libpq/pqformat.c | 26 +++-----------------------
2 files changed, 38 insertions(+), 33 deletions(-)
hooks/post-receive
--
Postgres-XC
|
