Re: [GENERAL] Buffer overflow in psql

2006-11-27 Thread John D. Burger
Tom Lane wrote: Um, is that really considered a fix??? We all know that there's no guarantee at all, even in ANSI C, that unsigned int isn't bigger than 32 bits, right? OID is 32 bits. Full stop. I should know better than to argue about this, but: In that case, casting it as in the OP's c

Re: [GENERAL] Buffer overflow in psql

2006-11-22 Thread Tom Lane
"John D. Burger" <[EMAIL PROTECTED]> writes: > Tom Lane wrote: >> Ah so, that explains how come it noticed. BTW, I see that somebody >> already changed the array size to 16 bytes in HEAD --- so it's just >> the back branches that need fixing. > Um, is that really considered a fix??? We all know

Re: [GENERAL] Buffer overflow in psql

2006-11-22 Thread John D. Burger
Tom Lane wrote: Ah so, that explains how come it noticed. BTW, I see that somebody already changed the array size to 16 bytes in HEAD --- so it's just the back branches that need fixing. Um, is that really considered a fix??? We all know that there's no guarantee at all, even in ANSI C, th

Re: [GENERAL] Buffer overflow in psql

2006-11-22 Thread Tom Lane
Jack Orenstein <[EMAIL PROTECTED]> writes: > Tom Lane wrote: >> Good catch! What platform and compiler are you using exactly? I'd >> imagine that on most platforms, the size of that array is effectively >> rounded up to 12 bytes due to alignment/padding considerations, which >> would mask the mis

Re: [GENERAL] Buffer overflow in psql

2006-11-22 Thread Jack Orenstein
Tom Lane wrote: Jack Orenstein <[EMAIL PROTECTED]> writes: The problem has occurred again, and I've found a buffer overflow in psql that explains it. Here is code from src/bin/psql/common.c, from the PrintQueryResults function: case PGRES_COMMAND_OK: {

Re: [GENERAL] Buffer overflow in psql

2006-11-22 Thread Tom Lane
Jack Orenstein <[EMAIL PROTECTED]> writes: > The problem has occurred again, and I've found a buffer overflow in > psql that explains it. Here is code from src/bin/psql/common.c, from > the PrintQueryResults function: > case PGRES_COMMAND_OK: > { >

Re: [GENERAL] Buffer overflow in psql

2006-11-22 Thread Martijn van Oosterhout
On Wed, Nov 22, 2006 at 11:11:09AM -0500, Jack Orenstein wrote: > I'm using PostgreSQL 7.4.8. In January, I reported a psql bug. The > problem was that an INSERT issued through psql would cause a > crash. There was no problem with other operations I tried, or with the > same INSERT submitted throug

[GENERAL] Buffer overflow in psql

2006-11-22 Thread Jack Orenstein
I'm using PostgreSQL 7.4.8. In January, I reported a psql bug. The problem was that an INSERT issued through psql would cause a crash. There was no problem with other operations I tried, or with the same INSERT submitted through JDBC. The discussion thread begins here: http://archives.postgresql.o