The following bug has been logged online:
Bug reference: 5101
Logged by: Chris Mikkelson
Email address: cm...@qwest.net
PostgreSQL version: 8.4.1(+earlier)
Operating system: all
Description: Off-by-one error in bitncmp() in
src/backend/utils/adt/network.c
Details:
When comparing a number of bits divisible by 8, bitncmp() may dereference a
pointer one byte out
of bounds.
The following patch against 8.4.1 incorporates the fix made to bitncmp() in
the BIND source tree:
*** src/backend/utils/adt/network.c.orig 2009-10-07
12:32:13.000000000 -0500
--- src/backend/utils/adt/network.c 2009-10-07 12:32:45.000000000 -0500
*************** bitncmp(void *l, void *r, int n)
*** 972,979 ****
b = n / 8;
x = memcmp(l, r, b);
! if (x)
! return x;
lb = ((const u_char *) l)[b];
rb = ((const u_char *) r)[b];
--- 972,979 ----
b = n / 8;
x = memcmp(l, r, b);
! if (x || (n % 8) == 0)
! return (x);
lb = ((const u_char *) l)[b];
rb = ((const u_char *) r)[b];
--
Sent via pgsql-bugs mailing list (pgsql-bugs@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-bugs
