snprintf() in contrib/. I didn't touch the places where pointer
arithmatic was being used, or other areas where the fix wasn't
trivial. I would think that few, if any, of the usages of sprintf()
were actually exploitable, but it's probably better to be paranoid...
Neil Conway
malloc()'s. This isn't too serious (because oid2name is a short-lived
utility, so the memory will soon be returned to the OS on process
termination), but I still think it's poor style.
This patch changes oid2name so that it allocates memory on the stack
where possible and free()s the remaining heap-allocated memory. The
patch also fixes a typo a comment and adds 'const' qualifiers to a few
'char *' function parameters.
Neil Conway
Cygwin with the possible exception of mSQL-interface. Since I don't
have mSQL installed, I skipped this tool.
Except for dealing with a missing getopt.h (oid2name) and HUGE (seg),
the bulk of the patch uses the standard PostgreSQL approach to deal with
Windows DLL issues.
I tested the build aspect of this patch under Cygwin and Linux without
any ill affects. Note that I did not actually attempt to test the code
for functionality.
The procedure to apply the patch is as follows:
$ # save the attachment as /tmp/contrib.patch
$ # change directory to the top of the PostgreSQL source tree
$ patch -p0 </tmp/contrib.patch
Jason
> OK, add #include <stdio.h> to the file. That should fix it.
Seems unlikely, since libpq-fe.h already includes <stdio.h>.
The real problem here is that the code is wrong: it's passing NULL
to an int parameter.
regards, tom lane