Fix array overrun in ecpg's version of ParseDateTime(). The code wrote a value into the caller's field[] array before checking to see if there was room, which of course is backwards. Per report from Michael Paquier.
I fixed the equivalent bug in the backend's version of this code way back in 630684d3a130bb93, but failed to think about ecpg's copy. Fortunately this doesn't look like it would be exploitable for anything worse than a core dump: an external attacker would have no control over the single word that gets written. Branch ------ REL9_4_STABLE Details ------- http://git.postgresql.org/pg/commitdiff/80ddb590b6729fb398cad00b0774f2d10e954b0d Modified Files -------------- src/interfaces/ecpg/pgtypeslib/dt_common.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) -- Sent via pgsql-committers mailing list ([email protected]) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-committers
