Neil Conway wrote:
> If you're interested, another common source of problems is integer
> overflow when dealing with numeric input from the user. In fact, far
> more security problems have been caused by insufficient integer
> overflow checking than by string handling bugs.
One other things that
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Neil Conway wrote:
| [ Sorry, never saw the original email ]
Because it is still hanging in moderation queue ;)
| FYI, we prefer patches in context diff format (diff -c). Also, there
| are some code style rules that most of the backend code follows.
[ Sorry, never saw the original email ]
Bruce Momjian <[EMAIL PROTECTED]> writes:
> Jukka Holappa wrote:
> > I'm very new to this project and inspired by recent security
> > release, I started to audit postgresql source against common
> > mistakes with sprintf().
If you're interested, another co
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Bruce Momjian wrote:
| I have reviewed your patch, and it is a thorough job. Unfortunately,
| our code has drifted dramatically since 7.2 in the areas you patched.
| Would you be able to download our CVS or current snapshot and submit a
| patch based
I have reviewed your patch, and it is a thorough job. Unfortunately,
our code has drifted dramatically since 7.2 in the areas you patched.
Would you be able to download our CVS or current snapshot and submit a
patch based on that code?
In fact, we have applied a batch of snprintf fixes already
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
This is a resend of my previous email which was stucked at moderation
approval.. and as I don't know if anyone actually does that in your
list, I'm resending this now.
Hi,
I'm very new to this project and inspired by recent security release, I
start
