to_char(): prevent writing beyond the allocated buffer Previously very long localized month and weekday strings could overflow the allocated buffers, causing a server crash.
Reported and patch reviewed by Noah Misch. Backpatch to all supported versions. Security: CVE-2015-0241 Branch ------ REL9_3_STABLE Details ------- http://git.postgresql.org/pg/commitdiff/fe2526990b821efb9452fa8601ee216a487202ff Modified Files -------------- src/backend/utils/adt/formatting.c | 139 ++++++++++++++++++++++++++++++++---- 1 file changed, 125 insertions(+), 14 deletions(-) -- Sent via pgsql-committers mailing list ([email protected]) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-committers
