mirror of
https://github.com/postgres/postgres.git
synced 2026-06-15 03:30:26 -04:00
757bf8145e
A security patch changed them today, so close the coverage gap now. Test that buffer overrun is avoided when pg_mblen*() requires more than the number of bytes remaining. This does not cover the calls in dict_thesaurus.c or in dict_synonym.c. That code is straightforward. To change that code's input, one must have access to modify installed OS files, so low-privilege users are not a threat. Testing this would likewise require changing installed share/postgresql/tsearch_data, which was enough of an obstacle to not bother. Security: CVE-2026-2006 Backpatch-through: 14 Co-authored-by: Thomas Munro <thomas.munro@gmail.com> Co-authored-by: Noah Misch <noah@leadboat.com> Reviewed-by: Heikki Linnakangas <hlinnaka@iki.fi>
12 lines
487 B
SQL
12 lines
487 B
SQL
-- This test is about EUC_KR encoding, chosen as perhaps the most prevalent
|
|
-- non-UTF8, multibyte encoding as of 2026-01. Since UTF8 can represent all
|
|
-- of EUC_KR, also run the test in UTF8.
|
|
SELECT getdatabaseencoding() NOT IN ('EUC_KR', 'UTF8') AS skip_test \gset
|
|
\if :skip_test
|
|
\quit
|
|
\endif
|
|
|
|
-- Exercise is_multibyte_char_in_char (non-UTF8) slow path.
|
|
SELECT POSITION(
|
|
convert_from('\xbcf6c7d0', 'EUC_KR') IN
|
|
convert_from('\xb0fac7d02c20bcf6c7d02c20b1e2bcfa2c20bbee', 'EUC_KR'));
|