to_char(): prevent writing beyond the allocated buffer Previously very long localized month and weekday strings could overflow the allocated buffers, causing a server crash.
Reported and patch reviewed by Noah Misch. Backpatch to all supported versions. Security: CVE-2015-0241 Branch ------ REL9_1_STABLE Details ------- http://git.postgresql.org/pg/commitdiff/2ceb63deb2db905ac030130705e33d776a28472a Modified Files -------------- src/backend/utils/adt/formatting.c | 139 ++++++++++++++++++++++++++++++++---- 1 file changed, 125 insertions(+), 14 deletions(-) -- Sent via pgsql-committers mailing list ([email protected]) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-committers
