Fix array overrun in ecpg's version of ParseDateTime(). The code wrote a value into the caller's field[] array before checking to see if there was room, which of course is backwards. Per report from Michael Paquier.
I fixed the equivalent bug in the backend's version of this code way back in 630684d3a130bb93, but failed to think about ecpg's copy. Fortunately this doesn't look like it would be exploitable for anything worse than a core dump: an external attacker would have no control over the single word that gets written. Branch ------ REL9_1_STABLE Details ------- http://git.postgresql.org/pg/commitdiff/037b912ecc87b4e6cdd933e23fc8ba5d3e45ec02 Modified Files -------------- src/interfaces/ecpg/pgtypeslib/dt_common.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) -- Sent via pgsql-committers mailing list ([email protected]) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-committers
