to_char(): prevent writing beyond the allocated buffer Previously very long localized month and weekday strings could overflow the allocated buffers, causing a server crash.
Reported and patch reviewed by Noah Misch. Backpatch to all supported versions. Security: CVE-2015-0241 Branch ------ master Details ------- http://git.postgresql.org/pg/commitdiff/9241c84cbcb82174a7d986242f233aa6472c1129 Modified Files -------------- src/backend/utils/adt/formatting.c | 139 ++++++++++++++++++++++++++++++++---- 1 file changed, 125 insertions(+), 14 deletions(-) -- Sent via pgsql-committers mailing list ([email protected]) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-committers
