Re: @(#) Mordred Labs advisory 0x0001: Buffer overflow in
| От | Oliver Elphick |
|---|---|
| Тема | Re: @(#) Mordred Labs advisory 0x0001: Buffer overflow in |
| Дата | |
| Msg-id | 1029878621.19817.119.camel@linda обсуждение исходный текст |
| Ответ на | Re: @(#) Mordred Labs advisory 0x0001: Buffer overflow in (Tom Lane <tgl@sss.pgh.pa.us>) |
| Список | pgsql-hackers |
On Tue, 2002-08-20 at 17:15, Tom Lane wrote: > Yes it has. CVS logs show > > 2002-08-04 02:44 thomas > > * src/backend/utils/adt/: date.c, datetime.c, format_type.c, > nabstime.c, timestamp.c, varlena.c: Add guard code to protect from > buffer overruns on long date/time input strings. [other > comments pruned, but note this commit did a lot of other stuff too] > > The original argument was about whether we should push out a 7.2.2 > release just because of this fix. AFAIK no one has even troubled to > look at the patch and see whether it applies directly to the 7.2 branch; > Thomas has revised the date/time code quite a bit since 7.2, so I'd > expect that it's not going to apply exactly. It doesn't. I tried, since there's a Debian bug requesting those patches be applied, but as far as I remember every hunk failed. I didn't have time to try to make it fit. -- Oliver Elphick Oliver.Elphick@lfix.co.uk Isle of Wight, UK http://www.lfix.co.uk/oliver GPG: 1024D/3E1D0C1C: CA12 09E0 E8D5 8870 5839 932A 614D 4C34 3E1D 0C1C ======================================== "But I would not have you to be ignorant, brethren, concerning them whichare asleep, that ye sorrow not, even as others which have no hope. For if we believe that Jesus died and roseagain, even so them also which sleep in Jesus will God bring with him." IThessalonians 4:13,14
В списке pgsql-hackers по дате отправления: