upstream/postgresql
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2026-06-09 08:42:38 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

Prevent 4 more buffer overruns in the PL/PgSQL parser. This is just a

Browse source 
minimally-invasive fix for stable branches; a cleaner fix will be
committed to HEAD soon.
This commit is contained in:
Neil Conway 2005-02-07 03:55:28 +00:00
parent 3f8235ba24
commit 5c057d4b44
1 changed files with 37 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

38
src/pl/plpgsql/src/gram.y
View file

@ -4,7 +4,7 @@
* procedural language
*
* IDENTIFICATION
* $Header: /cvsroot/pgsql/src/pl/plpgsql/src/gram.y,v 1.48.2.1 2005/01/21 00:31:21 neilc Exp $
* $Header: /cvsroot/pgsql/src/pl/plpgsql/src/gram.y,v 1.48.2.2 2005/02/07 03:55:28 neilc Exp $
*
* This software is copyrighted by Jan Wieck - Hamburg.
*
@ -1711,6 +1711,15 @@ read_sql_construct(int until,
plpgsql_dstring_append(&ds, yytext);
break;
}
/* Check for array overflow */
if (nparams >= 1024)
{
plpgsql_error_lineno = lno;
ereport(ERROR,
(errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED),
errmsg("too many variables specified in SQL statement")));
}
}
expr = malloc(sizeof(PLpgSQL_expr) + sizeof(int) * nparams - sizeof(int));
@ -1856,6 +1865,15 @@ make_select_stmt(void)
while ((tok = yylex()) == ',')
{
/* Check for array overflow */
if (nfields >= 1024)
{
plpgsql_error_lineno = plpgsql_scanner_lineno();
ereport(ERROR,
(errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED),
errmsg("too many INTO variables specified")));
}
tok = yylex();
switch(tok)
{
@ -1918,6 +1936,15 @@ make_select_stmt(void)
plpgsql_dstring_append(&ds, yytext);
break;
}
/* Check for array overflow */
if (nparams >= 1024)
{
plpgsql_error_lineno = plpgsql_scanner_lineno();
ereport(ERROR,
(errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED),
errmsg("too many variables specified in SQL statement")));
}
}
expr = malloc(sizeof(PLpgSQL_expr) + sizeof(int) * nparams - sizeof(int));
@ -1989,6 +2016,15 @@ make_fetch_stmt(void)
while ((tok = yylex()) == ',')
{
/* Check for array overflow */
if (nfields >= 1024)
{
plpgsql_error_lineno = plpgsql_scanner_lineno();
ereport(ERROR,
(errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED),
errmsg("too many INTO variables specified")));
}
tok = yylex();
switch(tok)
{