- Desktop
- Enterprise
- Gaming
- Graphics
- Hardware
- Linux Kernel
- Multimedia
- Operating Systems
- Programming
- System Internals
- All Projects
- Latest News
- Sync psm/evdev/atkbd with FreeBSD
- lavfi: Add pad_vaapi filter
- lavfi: Add drawbox_vaapi filter
- Linux Kernel: Linux 6.9-rc4
- Embind: support .implement()-based JS UNO objects
- tdf#33603: sd: rework notes panel
- xwayland: Add SourceValidate hook
- UPower: Release 1.90.4
- Latest News (cont.)
- timezone: sync to TZDB 2024a
- Linux Kernel: Linux 6.9-rc3
- Optimize pg_popcount() with AVX-512 instructions
- Enhance nbtree ScalarArrayOp execution
- Add basic JSON_TABLE() functionality
- Introduce a non-recursive JSON parser
- aarch64/fpu: Add vector variants of erfc
- tdf#160376 Add uno:Reload to the Notebookbar UI
- Update to latest Rhino 1.7.14
- Provide API for streaming relation data
- Linux Kernel: Linux 6.9-rc2
Featured content is also available via:
to_char(): prevent accesses beyond the allocated buffer
Enterprise / PostgreSQL - Bruce Momjian [momjian.us] - 2 February 2015 09:00 UTC
Previously very long field masks for floats could access memory beyond the existing buffer allocated to hold the result.
Reported by Andres Freund and Peter Geoghegan. Backpatch to all supported versions.
Security: CVE-2015-0241
0150ab5 to_char(): prevent accesses beyond the allocated buffer
src/backend/utils/adt/formatting.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
Upstream: git.postgresql.org
Share
- Tweet
Recent PostgreSQL Activity
- Better handle indirect constraint drops
Alvaro Herrera - Ensure generated join clauses for child rels have correct relids
Tom Lane - psql: Make output of \dD more stable
Peter Eisentraut - Revert: Custom reloptions for table AM
Alexander Korotkov - Doc: Update ulinks to RFC documents to avoid redirect
Daniel Gustafsson