diff options
| author | Bruce Momjian <bruce@momjian.us> | 2002-08-22 04:55:05 +0000 |
|---|---|---|
| committer | Bruce Momjian <bruce@momjian.us> | 2002-08-22 04:55:05 +0000 |
| commit | d86dee3eddfaec1f2faddc5b807f2b13d58adcdd (patch) | |
| tree | 922ad18695aeafb5709e5c83be388335a270499f /src | |
| parent | cbe733d7527058300f325d7b3f8fec4aa4ffe3de (diff) | |
| download | postgresql-d86dee3eddfaec1f2faddc5b807f2b13d58adcdd.tar.gz postgresql-d86dee3eddfaec1f2faddc5b807f2b13d58adcdd.zip | |
This patch should fix the problem. Doesn't include my previous patch
for repeat(). Again, somewhat off-the-cuff, so I might have missed
something...
test=# select lpad('xxxxx',1431655765,'yyyyyyyyyyyyyyyy');
ERROR: Requested length too large
test=# select rpad('xxxxx',1431655765,'yyyyyyyyyyyyyyyy');
ERROR: Requested length too large
(That's on a Unicode DB, haven't tested other encodings but AFAICT
this fix should still work.)
Neil Conway
Diffstat (limited to 'src')
| -rw-r--r-- | src/backend/utils/adt/oracle_compat.c | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/src/backend/utils/adt/oracle_compat.c b/src/backend/utils/adt/oracle_compat.c index dfeb18c551b..6236d74c9d4 100644 --- a/src/backend/utils/adt/oracle_compat.c +++ b/src/backend/utils/adt/oracle_compat.c @@ -9,7 +9,7 @@ * * * IDENTIFICATION - * $Header: /cvsroot/pgsql/src/backend/utils/adt/oracle_compat.c,v 1.39 2002/08/22 04:54:20 momjian Exp $ + * $Header: /cvsroot/pgsql/src/backend/utils/adt/oracle_compat.c,v 1.40 2002/08/22 04:55:05 momjian Exp $ * *------------------------------------------------------------------------- */ @@ -199,6 +199,11 @@ lpad(PG_FUNCTION_ARGS) #ifdef MULTIBYTE bytelen = pg_database_encoding_max_length() * len; + + /* check for integer overflow */ + if (len != 0 && bytelen / pg_database_encoding_max_length() != len) + elog(ERROR, "Requested length too large"); + ret = (text *) palloc(VARHDRSZ + bytelen); #else ret = (text *) palloc(VARHDRSZ + len); @@ -310,6 +315,11 @@ rpad(PG_FUNCTION_ARGS) #ifdef MULTIBYTE bytelen = pg_database_encoding_max_length() * len; + + /* Check for integer overflow */ + if (len != 0 && bytelen / pg_database_encoding_max_length() != len) + elog(ERROR, "Requested length too large"); + ret = (text *) palloc(VARHDRSZ + bytelen); #else ret = (text *) palloc(VARHDRSZ + len); |