Some security, since we now have vsnprintf, I remade an old patch
with some extra ugly sprintfs fixed. More work in this area is needed still. Göran Thyni
This commit is contained in:
Bruce Momjian
parent
d8ae7ffb2f
commit
f0fbd7b87e
|
|
@ -7,7 +7,7 @@
|
|||
*
|
||||
*
|
||||
* IDENTIFICATION
|
||||
* $Header: /cvsroot/pgsql/src/backend/utils/error/elog.c,v 1.35 1998/09/01 04:33:07 momjian Exp $
|
||||
* $Header: /cvsroot/pgsql/src/backend/utils/error/elog.c,v 1.36 1999/01/01 04:48:45 momjian Exp $
|
||||
*
|
||||
*-------------------------------------------------------------------------
|
||||
*/
|
||||
|
|
@ -133,7 +133,7 @@ elog(int lev, const char *fmt,...)
|
|||
else
|
||||
*bp++ = *cp;
|
||||
*bp = '\0';
|
||||
vsprintf(line, buf, ap);
|
||||
vsnprintf(line, ELOG_MAXLEN - 1, buf, ap);
|
||||
va_end(ap);
|
||||
|
||||
#ifdef USE_SYSLOG
|
||||
|
|
|
|||
|
|
@ -7,7 +7,7 @@
|
|||
*
|
||||
*
|
||||
* IDENTIFICATION
|
||||
* $Header: /cvsroot/pgsql/src/backend/utils/error/Attic/format.c,v 1.7 1998/09/01 03:26:40 momjian Exp $
|
||||
* $Header: /cvsroot/pgsql/src/backend/utils/error/Attic/format.c,v 1.8 1999/01/01 04:48:46 momjian Exp $
|
||||
*
|
||||
*-------------------------------------------------------------------------
|
||||
*/
|
||||
|
|
@ -29,12 +29,8 @@ char *
|
|||
form(const char *fmt,...)
|
||||
{
|
||||
va_list args;
|
||||
|
||||
va_start(args, fmt);
|
||||
|
||||
vsprintf(FormBuf, fmt, args);
|
||||
|
||||
vsnprintf(FormBuf, FormMaxSize - 1, fmt, args);
|
||||
va_end(args);
|
||||
|
||||
return FormBuf;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -108,7 +108,7 @@ tprintf(int flag, const char *fmt,...)
|
|||
#ifdef ELOG_TIMESTAMPS
|
||||
strcpy(line, tprintf_timestamp());
|
||||
#endif
|
||||
vsprintf(line + TIMESTAMP_SIZE, fmt, ap);
|
||||
vsnprintf(line + TIMESTAMP_SIZE, ELOG_MAXLEN, fmt, ap);
|
||||
va_end(ap);
|
||||
|
||||
#ifdef USE_SYSLOG
|
||||
|
|
@ -138,7 +138,7 @@ tprintf1(const char *fmt, ... )
|
|||
#ifdef ELOG_TIMESTAMPS
|
||||
strcpy(line, tprintf_timestamp());
|
||||
#endif
|
||||
vsprintf(line+TIMESTAMP_SIZE, fmt, ap);
|
||||
vsnprintf(line+TIMESTAMP_SIZE, ELOG_MAXLEN, fmt, ap);
|
||||
va_end(ap);
|
||||
|
||||
#ifdef USE_SYSLOG
|
||||
|
|
@ -166,7 +166,7 @@ eprintf(const char *fmt,...)
|
|||
#ifdef ELOG_TIMESTAMPS
|
||||
strcpy(line, tprintf_timestamp());
|
||||
#endif
|
||||
vsprintf(line + TIMESTAMP_SIZE, fmt, ap);
|
||||
vsnprintf(line + TIMESTAMP_SIZE, ELOG_MAXLEN, fmt, ap);
|
||||
va_end(ap);
|
||||
|
||||
#ifdef USE_SYSLOG
|
||||
|
|
@ -344,7 +344,7 @@ read_pg_options(SIGNAL_ARGS)
|
|||
return;
|
||||
}
|
||||
|
||||
sprintf(buffer, "%s/%s", DataDir, "pg_options");
|
||||
snprintf(buffer, BUF_SIZE - 1, "%s/%s", DataDir, "pg_options");
|
||||
if ((fd = open(buffer, O_RDONLY)) < 0)
|
||||
return;
|
||||
|
||||
|
|
|
|||
|
|
@ -7,7 +7,7 @@
|
|||
*
|
||||
*
|
||||
* IDENTIFICATION
|
||||
* $Header: /cvsroot/pgsql/src/backend/utils/mmgr/portalmem.c,v 1.14 1998/09/01 04:33:39 momjian Exp $
|
||||
* $Header: /cvsroot/pgsql/src/backend/utils/mmgr/portalmem.c,v 1.15 1999/01/01 04:48:47 momjian Exp $
|
||||
*
|
||||
*-------------------------------------------------------------------------
|
||||
*/
|
||||
|
|
@ -129,7 +129,7 @@ do { \
|
|||
PortalHashEnt *hentry; bool found; char key[MAX_PORTALNAME_LEN]; \
|
||||
\
|
||||
MemSet(key, 0, MAX_PORTALNAME_LEN); \
|
||||
sprintf(key, "%s", NAME); \
|
||||
snprintf(key, MAX_PORTALNAME_LEN - 1, "%s", NAME); \
|
||||
hentry = (PortalHashEnt*)hash_search(PortalHashTable, \
|
||||
key, HASH_FIND, &found); \
|
||||
if (hentry == NULL) \
|
||||
|
|
@ -145,7 +145,7 @@ do { \
|
|||
PortalHashEnt *hentry; bool found; char key[MAX_PORTALNAME_LEN]; \
|
||||
\
|
||||
MemSet(key, 0, MAX_PORTALNAME_LEN); \
|
||||
sprintf(key, "%s", PORTAL->name); \
|
||||
snprintf(key, MAX_PORTALNAME_LEN - 1, "%s", PORTAL->name); \
|
||||
hentry = (PortalHashEnt*)hash_search(PortalHashTable, \
|
||||
key, HASH_ENTER, &found); \
|
||||
if (hentry == NULL) \
|
||||
|
|
@ -160,7 +160,7 @@ do { \
|
|||
PortalHashEnt *hentry; bool found; char key[MAX_PORTALNAME_LEN]; \
|
||||
\
|
||||
MemSet(key, 0, MAX_PORTALNAME_LEN); \
|
||||
sprintf(key, "%s", PORTAL->name); \
|
||||
snprintf(key, MAX_PORTALNAME_LEN - 1, "%s", PORTAL->name); \
|
||||
hentry = (PortalHashEnt*)hash_search(PortalHashTable, \
|
||||
key, HASH_REMOVE, &found); \
|
||||
if (hentry == NULL) \
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@
|
|||
*
|
||||
* Copyright (c) 1994, Regents of the University of California
|
||||
*
|
||||
* $Id: psort.c,v 1.45 1998/12/14 08:11:14 scrappy Exp $
|
||||
* $Id: psort.c,v 1.46 1999/01/01 04:48:49 momjian Exp $
|
||||
*
|
||||
* NOTES
|
||||
* Sorts the first relation into the second relation.
|
||||
|
|
@ -1019,7 +1019,8 @@ gettape()
|
|||
|
||||
tp = (struct tapelst *) palloc((unsigned) sizeof(struct tapelst));
|
||||
|
||||
sprintf(uniqueName, "%spg_psort.%d.%d", TEMPDIR, (int) MyProcPid, uniqueFileId);
|
||||
snprintf(uniqueName, MAXPGPATH - 1, "%spg_psort.%d.%d",
|
||||
TEMPDIR, (int) MyProcPid, uniqueFileId);
|
||||
uniqueFileId++;
|
||||
|
||||
tapeinit = 1;
|
||||
|
|
|
|||
Loading…
Reference in New Issue