Bruce Momjian wrote:
>
> > Update of /usr/local/cvsroot/pgsql/src/backend/lib
> > In directory hub.org:/tmp/cvs-serv21717
> >
> > Modified Files:
> > stringinfo.c
> > Log Message:
> > Fix a potential infinite loop in appendStringInfo: would lock
> > up if first string to be appended to an empty StringInfo was longer
> > than the initial space allocation.
> > Also speed it up slightly.
>
> Does this remove the need for vsnprintf?
I don't think so,
vsprintf is still used if 6 places in to src tree, 5 of them is in
the backend. Each of these should be examined to determent wheater
those can be rewritten or if vsnprintf is needed.
To make matter worse:
guevara-goran# pwd
/usr/local/src/cvs/pgsql/src
guevara-goran# grep -n sprintf `find .` | wc -l 875
guevara-goran# cd backend/
guevara-goran# grep -n sprintf `find .` | wc -l 474
Their is lot of potential overruns in there,
and since pgsql is a net(-able) server we
should take that seriously.
I will look closer at these issues as time permits.
mvh,
--
---------------------------------------------
Göran Thyni, sysadm, JMS Bildbasen, Kiruna