Re: [GENERAL] Buffer overflow in psql

2006-11-27 Thread John D. Burger
Tom Lane wrote: Um, is that really considered a fix??? We all know that there's no guarantee at all, even in ANSI C, that unsigned int isn't bigger than 32 bits, right? OID is 32 bits. Full stop. I should know better than to argue about this, but: In that case, casting it as in the OP's

[GENERAL] Buffer overflow in psql

2006-11-22 Thread Jack Orenstein
I'm using PostgreSQL 7.4.8. In January, I reported a psql bug. The problem was that an INSERT issued through psql would cause a crash. There was no problem with other operations I tried, or with the same INSERT submitted through JDBC. The discussion thread begins here:

Re: [GENERAL] Buffer overflow in psql

2006-11-22 Thread Martijn van Oosterhout
On Wed, Nov 22, 2006 at 11:11:09AM -0500, Jack Orenstein wrote: I'm using PostgreSQL 7.4.8. In January, I reported a psql bug. The problem was that an INSERT issued through psql would cause a crash. There was no problem with other operations I tried, or with the same INSERT submitted through

Re: [GENERAL] Buffer overflow in psql

2006-11-22 Thread Tom Lane
Jack Orenstein [EMAIL PROTECTED] writes: The problem has occurred again, and I've found a buffer overflow in psql that explains it. Here is code from src/bin/psql/common.c, from the PrintQueryResults function: case PGRES_COMMAND_OK: {

Re: [GENERAL] Buffer overflow in psql

2006-11-22 Thread Jack Orenstein
Tom Lane wrote: Jack Orenstein [EMAIL PROTECTED] writes: The problem has occurred again, and I've found a buffer overflow in psql that explains it. Here is code from src/bin/psql/common.c, from the PrintQueryResults function: case PGRES_COMMAND_OK: {

Re: [GENERAL] Buffer overflow in psql

2006-11-22 Thread Tom Lane
Jack Orenstein [EMAIL PROTECTED] writes: Tom Lane wrote: Good catch! What platform and compiler are you using exactly? I'd imagine that on most platforms, the size of that array is effectively rounded up to 12 bytes due to alignment/padding considerations, which would mask the mistake.

Re: [GENERAL] Buffer overflow in psql

2006-11-22 Thread John D. Burger
Tom Lane wrote: Ah so, that explains how come it noticed. BTW, I see that somebody already changed the array size to 16 bytes in HEAD --- so it's just the back branches that need fixing. Um, is that really considered a fix??? We all know that there's no guarantee at all, even in ANSI C,

Re: [GENERAL] Buffer overflow in psql

2006-11-22 Thread Tom Lane
John D. Burger [EMAIL PROTECTED] writes: Tom Lane wrote: Ah so, that explains how come it noticed. BTW, I see that somebody already changed the array size to 16 bytes in HEAD --- so it's just the back branches that need fixing. Um, is that really considered a fix??? We all know that