PF wrote:
On Thu, 2006-12-28 at 11:28 -0500, Andrew Dunstan wrote:
I wrote:
Looking at the code I see this in dbdimp.c:
strncpy(buffer, tempbuf, strlen(tempbuf)+1);
buffer[strlen(tempbuf)] = '\0';
However, there is no check that buffer has enough space - the code
just seems to assume it, which seems like a bug - that code is
probably clobbering something important. I don't quite understand why
we don't simply make an SV straight from tmpbuf, rather than copying
to a fixed buffer anyway. PQgetCopyData() doesn't require a length
param (unlike the now deprecated PQgetline()), and it seems very
un-perlish for us to require it of the user at all.
Here is an untested patch that will grow the buffer as needed, I hope.
It doesn't make the length param go away, but it makes it mostly
irrelevant :-)
cheers
andrew
Well, it's tested, and doesn't crash. However, depending on the length
param the first or second record will be replaced with binary junk
and/or be blank.
Darn. OK, I'll do some testing.
cheers
andrew
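
The point raised in the thread, as an added example that is not part of the original messages or of dbdimp.c: the bound given to `strncpy` above is computed from the source string, so it never protects the destination. This sketch checks the destination's capacity and grows it before copying; `struct rowbuf`, `rowbuf_store` and `rowbuf_free` are hypothetical names, and plain `realloc` is an assumption standing in for whatever allocation the driver uses.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical growable destination standing in for the fixed buffer. */
struct rowbuf {
    char  *data;  /* heap storage; holds a NUL-terminated row after a store */
    size_t cap;   /* bytes currently allocated for data */
};

/* Copy one row into rb, growing rb first when it is too small.
 * Returns the row length, or -1 on bad input or allocation failure
 * (rb is left unchanged in that case). */
long rowbuf_store(struct rowbuf *rb, const char *row)
{
    if (rb == NULL || row == NULL)
        return -1;
    size_t need = strlen(row) + 1;           /* row plus terminator */
    if (need > rb->cap) {                    /* the check the thread says is missing */
        size_t newcap = rb->cap ? rb->cap : 16;
        while (newcap < need)
            newcap = (newcap > SIZE_MAX / 2) ? need : newcap * 2;
        char *p = realloc(rb->data, newcap);
        if (p == NULL)
            return -1;
        rb->data = p;
        rb->cap = newcap;
    }
    memcpy(rb->data, row, need);             /* need <= rb->cap here */
    return (long)(need - 1);
}

void rowbuf_free(struct rowbuf *rb)
{
    free(rb->data);
    rb->data = NULL; rb->cap = 0;
}

int main(void)
{
    /* Constructed sample rows, not taken from the thread. */
    const char *rows[] = { "1\tshort\n", "2\ta much longer constructed row of COPY data\n" };
    struct rowbuf rb = { NULL, 0 };
    for (size_t i = 0; i < 2; i++)
        printf("len=%ld cap=%zu\n", rowbuf_store(&rb, rows[i]), rb.cap);
    rowbuf_free(&rb);
    return 0;
}
```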