At Fri, 9 Oct 2020 11:48:59 -0300, Alvaro Herrera <alvhe...@alvh.no-ip.org> wrote in
> > +pqLogMsgString(PGconn *conn, const char *v, int length, PGCommSource > > commsource) > > +{ > > + if (length < 0) > > + length = strlen(v) + 1; > > +
>
> > pqLogMsgString(conn, str, -1, FROM_*) means actual length may be
> > different from what the caller thinks, but the pqLogLineBreak() subtracts
> > that value from the message length remembered in logging_message.
> > Anyway AFAICS the patch doesn't use the code path so we should remove
> > the first two lines.
>
> True, +1 for removing it.
>
> > By the way, appendBinaryPQExpBuffer() enlarges its buffer by the size
> > of the exact length of the given data, but appends '\0' at the end of
> > the copied data. Couldn't that lead to a memory overrun?
>
> Doesn't enlargePQExpBuffer() include room for the trailing zero? I
> think it does.

Right. I faintly recall I said the same thing before..

regards.

--
Kyotaro Horiguchi
NTT Open Source Software Center
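
Review bot: the `if (length < 0)` fallback at the top of pqLogMsgString() replaces the caller's length with `strlen(v) + 1`, so the value used for logging can differ from the length the caller accounted for, and the thread notes that pqLogLineBreak() subtracts that value from the message length remembered in logging_message. Since the thread reports that nothing in the patch calls it with a negative length, drop the two lines; if a negative length should never reach this function, reject it explicitly at the top rather than silently recomputing it, so a later caller cannot desynchronise the remaining-length bookkeeping.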