Magnus Hagander <[EMAIL PROTECTED]> writes:
>> I never actually tested if it crashes on mingw, but looking some more at it
>> it really should - once one of these errors happen.

> Hm. Much easier than that - the code is new in HEAD. 8.2 did
> fprintf(stderr). And HEAD still does that in at least one case.

> Anyway, I'll go ahead with the patch I wrote since it does Seem Nicer to
> actually use the PQexpbuffer code there, and the patch was rather
> trivial, but it's certainly not something to backpatch then...

It does look like there is a risk in 8.2 and before, though:
the fe-auth.c code has a lot of snprintf's with PQERRORMSG_LENGTH,
which should all be INITIAL_EXPBUFFER_SIZE according to that header
comment.  snprintf typically doesn't write more than it has to,
but if there ever were a message exceeding INITIAL_EXPBUFFER_SIZE
we'd be at risk of a memory clobber.  So that should be changed
as far back as it does that.  Do you want to take care of it?
I can if you don't want to.

                        regards, tom lane

---------------------------(end of broadcast)---------------------------
TIP 2: Don't 'kill -9' the postmaster

Reply via email to