On Wed, Dec 7, 2011 at 10:05, Magnus Hagander <mag...@hagander.net> wrote: > On Tue, Dec 6, 2011 at 17:07, Tom Lane <t...@sss.pgh.pa.us> wrote: >> Magnus Hagander <mag...@hagander.net> writes: >>> There is some nice precedent in the CREATE TABLESPACE command (though >>> dependent on HAVE_SYMLINK and not HAVE_READLINK), so I'm just going to >>> copy the error message from there. >> >> Fair enough. >> >> Looking at the existing readlink use in port/exec.c, it strikes me that >> another thing you'd better do is include a check for buffer overrun, >> ie the test needs to be more like >> >> rllen = readlink(fname, link_buf, sizeof(link_buf)); >> if (rllen < 0 || rllen >= sizeof(link_buf)) >> ... fail ... > > Seems reasonable, yeah. I'll go put a similar check in the > basebackup.c file as well when I'm done here.
To close this thread (hopefully): Fixed and applied. -- Magnus Hagander Me: http://www.hagander.net/ Work: http://www.redpill-linpro.com/ -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
