Neil Conway dijo:
> The attached patch changes most of the usages of sprintf() to
> snprintf() in contrib/. I didn't touch the places where pointer
> arithmatic was being used, or other areas where the fix wasn't
> trivial. I would think that few, if any, of the usages of sprintf()
> were actually exploitable, but it's probably better to be paranoid...
>
> Unless anyone sees a problem, please apply.
I think in dbase/dbf2pg.c the limit of 10 to pgdate should be 11
(snprintf counts the \0 at the end).
--
Alvaro Herrera (<alvherre[a]atentus.com>)
"Coge la flor que hoy nace alegre, ufana. Quién sabe si nacera otra mañana?"