On 2016-08-08 17:18, Peter Eisentraut wrote:
> Fix several one-byte buffer over-reads in to_number
I've been meaning to update my patch like this, but didn't want to bother you before trying to find more issues with formatting.c (still haven't found the time for that, sadly): @@ -4188,13 +4188,10 @@ NUM_numpart_from_char(NUMProc *Np, int id, int input_len) (id == NUM_0 || id == NUM_9) ? "NUM_0/9" : id == NUM_DEC ? "NUM_DEC" : "???"); #endif - if (*Np->inout_p == ' ') - Np->inout_p++; - #define OVERLOAD_TEST (Np->inout_p >= Np->inout + input_len) #define AMOUNT_TEST(_s) (input_len-(Np->inout_p-Np->inout) >= _s) - if (*Np->inout_p == ' ') + while (!OVERLOAD_TEST && isspace((unsigned char) *Np->inout_p)) Np->inout_p++; if (OVERLOAD_TEST)
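Review bot: the new `while` loop on the `+` line changes what input is accepted, beyond fixing the over-read. The removed code skipped at most one ' ' at each of the two checks, while the loop consumes any run of characters for which isspace() is true, which includes tabs and newlines and depends on the C locale. If only the bounds fix is intended, keep the single-space test and guard it, e.g. `if (!OVERLOAD_TEST && *Np->inout_p == ' ')`. If the wider skipping is intended, state it in the commit message and add to_number regression tests covering a leading run of mixed whitespace and an input that consists only of whitespace, so the `if (OVERLOAD_TEST)` exit after the loop is exercised. The ordering of the loop condition (OVERLOAD_TEST evaluated before the dereference) and the `(unsigned char)` cast passed to isspace() are correct and should stay as written.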