Commit Graph

1355 Commits

Author SHA1 Message Date
Tom Lane
702e2989d5 Fix xslt_process() to ensure that it inserts a NULL terminator after the
last pair of parameter name/value strings, even when there are MAXPARAMS
of them.  Aboriginal bug in contrib/xml2, noted while studying bug #4912
(though I'm not sure whether there's something else involved in that
report).

This might be thought a security issue, since it's a potential backend
crash; but considering that untrustworthy users shouldn't be allowed
to get their hands on xslt_process() anyway, it's probably not worth
getting excited about.
2009-07-10 00:32:17 +00:00
Magnus Hagander
6749d70555 Remove beer-ware license from crypt-md5.c, per
approval from Poul-Henning Kamp.

This makes the file the same standard 2-clause BSD as the
rest of PostgreSQL.
2009-04-15 18:58:32 +00:00
Tom Lane
0e7d4c0289 Fix contrib/pg_freespacemap's underestimate of the number of pages it
could find in the FSM.  Per report from Dimitri Fontaine and Andrew Gierth.

(Affects only 8.2 and 8.3 since HEAD no longer has MaxFSMPages at all.)
2009-04-07 18:11:04 +00:00
Tom Lane
6a42ab4eb8 Defend against non-ASCII letters in fuzzystrmatch code. The functions
still don't behave very sanely for multibyte encodings, but at least
they won't be indexing off the ends of static arrays.
2009-04-07 15:54:07 +00:00
Teodor Sigaev
da5bfbd970 Fix memory allocation for output of hstore type.
Per "maosen.zhang" <maosen.zhang@alibaba-inc.com> report.
2009-04-02 18:06:12 +00:00
Tom Lane
b7578b5ce2 Fix contrib/pgstattuple and contrib/pageinspect to prevent attempts to read
temporary tables of other sessions; that is unsafe because of the way our
buffer management works.  Per report from Stuart Bishop.
This is redundant with the bufmgr.c checks in HEAD, but not at all redundant
in the back branches.
2009-03-31 22:55:41 +00:00
Tom Lane
a4702ada62 Fix old thinko in pgp.h: the idea is to declare some named enum types,
not global variables of anonymous enum types.  This didn't actually hurt
much because most linkers will just merge the duplicated definitions ...
but some will complain.  Per bug #4731 from Ceriel Jacobs.

Backpatch to 8.1 --- the declarations don't exist before that.
2009-03-25 15:03:25 +00:00
Tom Lane
98686e1ea1 Fix contrib/hstore to throw an error for keys or values that don't fit in its
data structure, rather than silently truncating them.  Andrew Gierth
2009-03-15 22:05:44 +00:00
Teodor Sigaev
9424b22b5e Prevent recursion during parse of email-like string with multiple '@'.
Patch by Heikki Linnakangas <heikki.linnakangas@enterprisedb.com>
2009-03-10 17:44:44 +00:00
Teodor Sigaev
8fcdac9987 Fix usage of char2wchar/wchar2char. Changes:
- pg_wchar and wchar_t could have different size, so char2wchar
  doesn't call pg_mb2wchar_with_len to prevent out-of-bound
  memory bug
- make char2wchar/wchar2char symmetric, now they should not be
  called with C-locale because mbstowcs/wcstombs oftenly doesn't
  work correct with C-locale.
- Text parser uses pg_mb2wchar_with_len directly in case of
  C-locale and multibyte encoding

Per bug report by Hiroshi Inoue <inoue@tpf.co.jp> and
following discussion.

Backpatch up to 8.2 when multybyte support was implemented in tsearch.
2009-03-02 15:13:17 +00:00
Teodor Sigaev
22abc26aaf Fix URL generation in headline. Only tag lexeme will be replaced by space.
Per http://archives.postgresql.org/pgsql-bugs/2008-12/msg00013.php
2009-01-15 17:44:47 +00:00
Teodor Sigaev
32cfb33244 Fix generation of too long headline with ShortWords.
Per http://archives.postgresql.org/pgsql-hackers/2008-09/msg01088.php
2009-01-15 17:44:18 +00:00
Joe Conway
e4dcb11ead Fix bug per Oleksiy Shchukin - 2nd argument for dblink_get_result(text,bool)
is PG_GETARG_BOOL(2), should be PG_GETARG_BOOL(1).

Apply simple fix to back branches only. More extensive change to be applied
to head per Tom's suggestion.
2009-01-03 19:58:10 +00:00
Tom Lane
eea4890c08 Fix dblink and tablefunc to not return with the wrong CurrentMemoryContext.
Per buildfarm results.
2008-11-30 23:24:08 +00:00
Tom Lane
8f74153732 Fix old bug in contrib/sslinfo: X509_NAME_to_text freed the BIO_s_mem buffer
it was using too soon.  In a situation where pg_do_encoding_conversion is
a no-op, this led to garbage data returned.

In HEAD, also modify the code that's ensuring null termination to make it
a tad more obvious what's happening.
2008-11-10 14:57:53 +00:00
Teodor Sigaev
f189a12226 Fix small bug in headline generation.
Patch from Sushant Sinha <sushant354@gmail.com>
http://archives.postgresql.org/pgsql-hackers/2008-07/msg00785.php
2008-10-17 17:40:14 +00:00
Tom Lane
c06f39de73 Fix some bugs introduced by the 8.2-era conversion of cube functions to V1
calling convention.  cube_inter and cube_distance could attempt to pfree
their input arguments, and cube_dim returned a value from a struct it
might have just pfree'd (which would only really cause a problem in a
debug build, but it's still wrong).  Per bug #4208 and additional code
reading.

In HEAD and 8.3, I also made a batch of cosmetic changes to bring these
functions into line with the preferred coding style for V1 functions,
ie declare and fetch all the arguments at the top so readers can easily
see what they are.
2008-05-29 18:46:52 +00:00
Tom Lane
eb23d8023b Fix contrib/xml2 makefile to not override CFLAGS. 2008-05-08 17:11:33 +00:00
Teodor Sigaev
fc0a2b45d0 Fix broken compare function for tsquery_ops. Per Tom's report.
I never understood why initial authors GiST in pgsql choose so
stgrange signature for 'same' method:
bool *sameFn(Datum a, Datum b, bool* result)
instead of simple, logical
bool sameFn(Datum a, Datum b)
This change will break any existing GiST extension, so we still live with
it and will live.
2008-04-20 09:39:38 +00:00
Tom Lane
1aa0e9c878 Fix several datatype input functions that were allowing unused bytes in their
results to contain uninitialized, unpredictable values.  While this was okay
as far as the datatypes themselves were concerned, it's a problem for the
parser because occurrences of the "same" literal might not be recognized as
equal by datumIsEqual (and hence not by equal()).  It seems sufficient to fix
this in the input functions since the only critical use of equal() is in the
parser's comparisons of ORDER BY and DISTINCT expressions.
Per a trouble report from Marc Cousin.

Patch all the way back.  Interestingly, array_in did not have the bug before
8.2, which may explain why the issue went unnoticed for so long.
2008-04-11 22:53:06 +00:00
Tom Lane
270b3adb16 Fix core dump in contrib/xml2's xpath_table() when the input query returns
a NULL value.  Per bug #4058.
2008-03-26 01:19:17 +00:00
Tom Lane
58c7bef913 The original patch to disallow non-passworded connections to non-superusers
failed to cover all the ways in which a connection can be initiated in dblink.
Plug the remaining holes.  Also, disallow transient connections in functions
for which that feature makes no sense (because they are only sensible as
part of a sequence of operations on the same connection).  Joe Conway

Security: CVE-2007-6601
2008-01-03 21:28:18 +00:00
Teodor Sigaev
7b85567962 Backpatch: Fix tsvector_out() and tsquery_out() to escape backslesh, add test of that.
Patch by Bruce Momjian <bruce@momjian.us>
2007-11-16 17:03:15 +00:00
Joe Conway
f83c1a7b97 Have crosstab variants treat NULL rowid as a category in its own right,
per suggestion from Tom Lane. This fixes crash-bug reported by Stefan
Schwarzer.
2007-11-10 05:01:20 +00:00
Tom Lane
edc4d5edbe Defend against openssl libraries that fail on keys longer than 128 bits;
which is the case at least on some Solaris versions.  Marko Kreen
2007-09-29 02:18:21 +00:00
Teodor Sigaev
d77a9018fa Fix crash of to_tsvector() function on huge input: compareWORD()
function didn't return correct result for word position greate than
limit.

Per report from Stuart Bishop <stuart@stuartbishop.net>
2007-09-26 10:17:34 +00:00
Tom Lane
62c42d82aa Remove ill-considered (not to mention undocumented) attempt to make
contrib/intarray's GIN opclass override the built-in default.  Per bug #3048
and other complaints.
2007-09-14 03:25:37 +00:00
Teodor Sigaev
7176065273 Fix header's size of structs defines in ispell. 2007-09-11 13:04:53 +00:00
Teodor Sigaev
eb22ca6f9f Fix indefinit loop in rank_cd for some corner queries.
Per Daniele Varrazzo <piro@develer.com> bug report.
2007-09-07 16:26:59 +00:00
Tom Lane
acb6631041 Restrict pgstattuple functions to superusers. While the only one that's
really a glaring security hole is bt_page_items, there's not a very good
use-case for letting ordinary users use 'em, either.
2007-08-28 23:11:12 +00:00
Tom Lane
f94c9dbf22 Fix combo_decrypt() to throw an error for zero-length input when using a
padded encryption scheme.  Formerly it would try to access res[(unsigned) -1],
which resulted in core dumps on 64-bit machines, and was certainly trouble
waiting to happen on 32-bit machines (though in at least the known case
it was harmless because that byte would be overwritten after return).
Per report from Ken Colson; fix by Marko Kreen.
2007-08-23 16:15:57 +00:00
Tom Lane
59e4a6941f Fix possible core dump from pgbench -d option. Julius Stroffek 2007-08-22 23:03:33 +00:00
Tom Lane
45839ffd28 Fix CHECK_RELATION_BLOCK_RANGE macro, which was not merely producing
a warning but was outright wrong.
2007-07-15 23:47:13 +00:00
Joe Conway
809b38ce27 Restrict non-superusers to password authenticated connections
to prevent possible escalation of privilege. Provide new SECURITY
DEFINER functions with old behavior, but initially REVOKE ALL
from public for these functions. Per list discussion and design
proposed by Tom Lane.
2007-07-09 01:32:30 +00:00
Teodor Sigaev
100beb0dea Fix caching of unsuccessful initialization of parser or configuration.
Per report from Listmail <lists@peufeu.com>
2007-04-02 11:42:25 +00:00
Teodor Sigaev
fc565cfc7b Fix parser bug on Windows with UTF8 encoding and C locale, the reason was
sizeof(wchar_t) = 2 instead of 4.
2007-03-22 15:59:09 +00:00
Alvaro Herrera
009dac8ed4 Fix uninitialized value in pgstatindex leading to invalid values being
reported in some cases.  Report and patch from Tatsuhito Kasahara.

Also fix a couple of other bugs I noticed in skimming the surrounding code.
2007-03-16 15:06:46 +00:00
Teodor Sigaev
2b1abc8756 Athough cube is a varlena type, nowhere was a detoasting of cube's value, so
fix it.  Add macroses DatumGetNDBOX, PG_GETARG_NDBOX and PG_RETURN_NDBOX.
Backpatch for 8.2 too.

Previous versions use version 0 calling conventions. And fmgr code detoast
values for user-defined functions.
2007-03-07 21:25:18 +00:00
Teodor Sigaev
15f910da96 Fix backend crash in parsing incorrect tsquery.
Per report from Jon Rosebaugh <jon@inklesspen.com>
2007-02-12 14:15:13 +00:00
Teodor Sigaev
35466cff0a Fix localization support for multibyte encoding and C locale.
Slightly reworked patch from Tatsuo Ishii
2007-01-15 15:16:11 +00:00
Tatsuo Ishii
9c505e484c Backport patch.
Call srandom() instead of srand().
pgbench calls random() later, so it should have called srandom().
On most platforms except Windows srandom() is actually identical
to srand(), so the bug only bites Windows users.
per bug report from Akio Ishida.
2007-01-10 01:20:10 +00:00
Tom Lane
32d029573d Add a defense to prevent core dumps if 8.2 version of rank_cd() is used with
the 8.1 SQL function definition for it.  Per report from Rajesh Kumar Mallah,
such a DBA error doesn't seem at all improbable, and the cost of checking for
it is not very high compared to the cost of running this function.  (It would
have been better to change the C name of the function so it wouldn't be called
by the old SQL definition, but it's too late for that now in the 8.2 branch.)
2006-12-28 01:09:04 +00:00
Teodor Sigaev
5ceb508422 Fix memory reallocation condition 2006-12-26 14:55:00 +00:00
Teodor Sigaev
593d020ff6 Fix convertion for 'PFX flag N num' 2006-12-21 17:35:44 +00:00
Teodor Sigaev
e72ef41d72 Fix core dump of ispell for case of non-successfull initialization.
Previous versions aren't affected.

Fix synonym dictionary init: string should be malloc'ed, not palloc'ed. Bug
introduced recently while fixing lowerstr().
2006-12-04 09:27:45 +00:00
Tom Lane
2822c7c0fc Make contrib/isn pass the opr_sanity sanity checks: add missing
commutator operators, and mark hash-opclass members as oprcanhash.
This is a pretty ugly, brute-force solution, but it seems that getting
rid of all these redundant-looking operators would require some tweaks
in the core operator-resolution code to behave nicely, and I'm not
willing to risk that just before RC1.
2006-11-24 18:44:37 +00:00
Teodor Sigaev
3de2682a1e Fix lowercasing while parse OO dictionary 2006-11-23 17:35:14 +00:00
Teodor Sigaev
84151d0644 Avoid infinity calculations in rank_cd 2006-11-22 15:55:05 +00:00
Teodor Sigaev
dd92a8c33f Fix type in return value 2006-11-21 18:31:28 +00:00
Teodor Sigaev
419fe7cd1b Fix bug http://archives.postgresql.org/pgsql-bugs/2006-10/msg00258.php.
Fix string's length calculation for recoding, fix strlower() to avoid wrong
assumption about length of recoded string (was: recoded string is no greater
that source, it may not true for multibyte encodings)
Thanks to Thomas H. <me@alternize.com> and Magnus Hagander <mha@sollentuna.net>
2006-11-20 14:03:30 +00:00