Vince,
Do you reckon it's worth you responding to "Sir Mordred" and pointing
out that he overstated the vulnerability?
:-)
Regards and best wishes,
Justin Clift
Tom Lane wrote:
>
> Justin Clift <justin@postgresql.org> writes:
> > Glad he made the advisory for something there's a fix for. :)
>
> The claim that this bug allows execution of arbitrary code is bogus anyway.
> The overflow at INT_MIN will clobber the stack, yes, but in an absolutely
> predetermined way; an attacker will have no opportunity to insert code
> of his choosing.
>
> regards, tom lane
--
"My grandfather once told me that there are two kinds of people: those
who work and those who take the credit. He told me to try to be in the
first group; there was less competition there." - Indira Gandhi