to_char(): prevent accesses beyond the allocated buffer Previously very long field masks for floats could access memory beyond the existing buffer allocated to hold the result.
Reported by Andres Freund and Peter Geoghegan. Backpatch to all supported versions. Security: CVE-2015-0241 Branch ------ REL9_2_STABLE Details ------- http://git.postgresql.org/pg/commitdiff/5ae3bf1af34082f3b53955053ce11a6f20b1b751 Modified Files -------------- src/backend/utils/adt/formatting.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) -- Sent via pgsql-committers mailing list ([email protected]) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-committers
