Code coverage for most pg_mblen* calls. A security patch changed them today, so close the coverage gap now. Test that buffer overrun is avoided when pg_mblen*() requires more than the number of bytes remaining.
This does not cover the calls in dict_thesaurus.c or in dict_synonym.c. That code is straightforward. To change that code's input, one must have access to modify installed OS files, so low-privilege users are not a threat. Testing this would likewise require changing installed share/postgresql/tsearch_data, which was enough of an obstacle to not bother. Security: CVE-2026-2006 Backpatch-through: 14 Co-authored-by: Thomas Munro <[email protected]> Co-authored-by: Noah Misch <[email protected]> Reviewed-by: Heikki Linnakangas <[email protected]> Branch ------ REL_14_STABLE Details ------- https://git.postgresql.org/pg/commitdiff/e7591254c30258fe5af8ad123dd70d631b653086 Modified Files -------------- contrib/pg_trgm/Makefile | 2 +- contrib/pg_trgm/data/trgm_utf8.data | 50 ++++ contrib/pg_trgm/expected/pg_utf8_trgm.out | 8 + contrib/pg_trgm/expected/pg_utf8_trgm_1.out | 3 + contrib/pg_trgm/sql/pg_utf8_trgm.sql | 9 + src/backend/utils/adt/arrayfuncs.c | 161 +++++++++++ src/include/utils/array.h | 4 + src/test/regress/expected/.gitignore | 2 + src/test/regress/expected/euc_kr.out | 16 ++ src/test/regress/expected/euc_kr_1.out | 6 + src/test/regress/input/encoding.source | 223 ++++++++++++++++ src/test/regress/output/encoding.source | 398 ++++++++++++++++++++++++++++ src/test/regress/output/encoding_1.source | 4 + src/test/regress/parallel_schedule | 2 +- src/test/regress/regress.c | 139 ++++++++++ src/test/regress/sql/.gitignore | 1 + src/test/regress/sql/euc_kr.sql | 12 + 17 files changed, 1038 insertions(+), 2 deletions(-)
