mirror of
https://github.com/postgres/postgres.git
synced 2026-02-19 02:29:10 -05:00
A security patch changed them today, so close the coverage gap now. Test that buffer overrun is avoided when pg_mblen*() requires more than the number of bytes remaining. This does not cover the calls in dict_thesaurus.c or in dict_synonym.c. That code is straightforward. To change that code's input, one must have access to modify installed OS files, so low-privilege users are not a threat. Testing this would likewise require changing installed share/postgresql/tsearch_data, which was enough of an obstacle to not bother. Security: CVE-2026-2006 Backpatch-through: 14 Co-authored-by: Thomas Munro <thomas.munro@gmail.com> Co-authored-by: Noah Misch <noah@leadboat.com> Reviewed-by: Heikki Linnakangas <hlinnaka@iki.fi> |
||
|---|---|---|
| .. | ||
| data | ||
| expected | ||
| sql | ||
| .gitignore | ||
| Makefile | ||
| meson.build | ||
| pg_trgm--1.0--1.1.sql | ||
| pg_trgm--1.1--1.2.sql | ||
| pg_trgm--1.2--1.3.sql | ||
| pg_trgm--1.3--1.4.sql | ||
| pg_trgm--1.3.sql | ||
| pg_trgm--1.4--1.5.sql | ||
| pg_trgm--1.5--1.6.sql | ||
| pg_trgm.control | ||
| trgm.h | ||
| trgm_gin.c | ||
| trgm_gist.c | ||
| trgm_op.c | ||
| trgm_regexp.c | ||