mirror of
https://git.postgresql.org/git/postgresql.git
synced 2025-01-24 18:55:04 +08:00
Add runtime checks for number of query parameters passed to libpq functions.
The maximum number of parameters supported by the FE/BE protocol is 65535, as it's transmitted as a 16-bit unsigned integer. However, the nParams arguments to libpq functions are all of type 'int'. We can't change the signature of libpq functions, but a simple bounds check is in order to make it more clear what's going wrong if you try to pass more than 65535 parameters. Per complaint from Jim Vanns.
This commit is contained in:
parent
c1774d2c81
commit
f86e6ba40c
@ -1113,6 +1113,7 @@ PQsendQuery(PGconn *conn, const char *query)
|
||||
if (!PQsendQueryStart(conn))
|
||||
return 0;
|
||||
|
||||
/* check the argument */
|
||||
if (!query)
|
||||
{
|
||||
printfPQExpBuffer(&conn->errorMessage,
|
||||
@ -1170,12 +1171,19 @@ PQsendQueryParams(PGconn *conn,
|
||||
if (!PQsendQueryStart(conn))
|
||||
return 0;
|
||||
|
||||
/* check the arguments */
|
||||
if (!command)
|
||||
{
|
||||
printfPQExpBuffer(&conn->errorMessage,
|
||||
libpq_gettext("command string is a null pointer\n"));
|
||||
return 0;
|
||||
}
|
||||
if (nParams < 0 || nParams > 65535)
|
||||
{
|
||||
printfPQExpBuffer(&conn->errorMessage,
|
||||
libpq_gettext("number of parameters must be between 0 and 65535\n"));
|
||||
return 0;
|
||||
}
|
||||
|
||||
return PQsendQueryGuts(conn,
|
||||
command,
|
||||
@ -1203,19 +1211,25 @@ PQsendPrepare(PGconn *conn,
|
||||
if (!PQsendQueryStart(conn))
|
||||
return 0;
|
||||
|
||||
/* check the arguments */
|
||||
if (!stmtName)
|
||||
{
|
||||
printfPQExpBuffer(&conn->errorMessage,
|
||||
libpq_gettext("statement name is a null pointer\n"));
|
||||
return 0;
|
||||
}
|
||||
|
||||
if (!query)
|
||||
{
|
||||
printfPQExpBuffer(&conn->errorMessage,
|
||||
libpq_gettext("command string is a null pointer\n"));
|
||||
return 0;
|
||||
}
|
||||
if (nParams < 0 || nParams > 65535)
|
||||
{
|
||||
printfPQExpBuffer(&conn->errorMessage,
|
||||
libpq_gettext("number of parameters must be between 0 and 65535\n"));
|
||||
return 0;
|
||||
}
|
||||
|
||||
/* This isn't gonna work on a 2.0 server */
|
||||
if (PG_PROTOCOL_MAJOR(conn->pversion) < 3)
|
||||
@ -1298,12 +1312,19 @@ PQsendQueryPrepared(PGconn *conn,
|
||||
if (!PQsendQueryStart(conn))
|
||||
return 0;
|
||||
|
||||
/* check the arguments */
|
||||
if (!stmtName)
|
||||
{
|
||||
printfPQExpBuffer(&conn->errorMessage,
|
||||
libpq_gettext("statement name is a null pointer\n"));
|
||||
return 0;
|
||||
}
|
||||
if (nParams < 0 || nParams > 65535)
|
||||
{
|
||||
printfPQExpBuffer(&conn->errorMessage,
|
||||
libpq_gettext("number of parameters must be between 0 and 65535\n"));
|
||||
return 0;
|
||||
}
|
||||
|
||||
return PQsendQueryGuts(conn,
|
||||
NULL, /* no command to parse */
|
||||
|
Loading…
Reference in New Issue
Block a user