>>              !if error happened, xfrmlen will be (size_t)-1
>No it won't; see the man page for strxfrm.

RETURN VALUES
     Upon successful completion, strxfrm() returns the length  of
     the  transformed  string (not including the terminating null
     byte). If the value returned is n or more, the  contents  of
     the array pointed to by s1 are indeterminate.

     On failure, strxfrm() returns (size_t)-1.

but you are right, it is strxfrm() that returns more than allowed,
most likely in the following condition:
        strxfrm(xfrmstr, val, 0)

an extra null terminator.

I am on SunOS 5.8, 
BTW on Linux it works....


-----Original Message-----
From: Tom Lane [mailto:[EMAIL PROTECTED]
Sent: Tuesday, July 08, 2003 11:45 AM
To: Maksim Likharev
Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: Re: [GENERAL] PG crash on simple query, story continues 


"Maksim Likharev" <[EMAIL PROTECTED]> writes:
>             ! I would say very interesting approach, 
>             ! why not just
>               xfrmsize = strxfrm(xfrmstr, NULL, 0);

strxfrm doesn't work that way (and if it did, it would give back a
malloc'd not a palloc'd string).
                
>               !if error happened, xfrmlen will be (size_t)-1

No it won't; see the man page for strxfrm.

This does raise an interesting thought though: what platform are you on?
It seems to me that we've heard of buggy versions of strxfrm that write
more bytes than they're allowed to, thereby clobbering palloc's data
structures.

                        regards, tom lane
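
The sizing and overrun questions raised in this thread, as an added example that is not part of the original messages and is not PostgreSQL code: a two-pass strxfrm() call that treats a (size_t)-1 return as failure (as the quoted SunOS man page describes) and places a canary region after the buffer to detect a strxfrm() that writes more bytes than it was allowed. The names xfrm_guarded, GUARD_LEN and GUARD_BYTE are hypothetical, and malloc is used in place of palloc.

```c
/* Added example, not PostgreSQL code. xfrm_guarded, GUARD_LEN and
 * GUARD_BYTE are hypothetical names. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define GUARD_LEN  16
#define GUARD_BYTE 0xA5

/* Returns a malloc'd transformed copy of src with *status == 0, or NULL with
 * *status: -1 size/allocation error, -2 strxfrm() wrote past the n bytes it
 * was allowed, -3 result did not fit (contents indeterminate). */
char *xfrm_guarded(const char *src, size_t *outlen, int *status)
{
    /* Pass 1: with n == 0 the destination may be NULL; the return value is
     * the transformed length, not including the terminating null byte. */
    size_t need = strxfrm(NULL, src, 0);
    size_t bufsz = need + 1;   /* wraps to 0 if need == (size_t)-1 */
    unsigned char *buf;
    size_t got, i;
    int rc = 0;

    *status = -1;
    if (bufsz == 0 || bufsz > (size_t)-1 - GUARD_LEN)
        return NULL;
    buf = malloc(bufsz + GUARD_LEN);
    if (buf == NULL)
        return NULL;
    memset(buf + bufsz, GUARD_BYTE, GUARD_LEN);   /* canary after the buffer */

    /* Pass 2: strxfrm() may write at most bufsz bytes, terminator included. */
    got = strxfrm((char *)buf, src, bufsz);
    for (i = 0; i < GUARD_LEN; i++)
        if (buf[bufsz + i] != GUARD_BYTE)
            rc = -2;                               /* overrun hit the canary */
    if (rc == 0 && got >= bufsz)
        rc = -3;
    *status = rc;
    if (rc != 0) { free(buf); return NULL; }
    *outlen = got;
    return (char *)buf;
}

int main(void)
{
    size_t len = 0; int st;
    char *t = xfrm_guarded("constructed sample", &len, &st);
    printf("status=%d len=%lu\n", st, (unsigned long)len);
    free(t);
    return 0;
}
```

The canary only contains and detects overruns of up to GUARD_LEN bytes; a larger overrun still corrupts the allocator's data.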
