upstream/postgresql
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2026-03-28 05:13:33 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
postgresql/src/include
History
Noah Misch d1264948fc With GB18030, prevent SIGSEGV from reading past end of allocation. 
With GB18030 as source encoding, applications could crash the server via
SQL functions convert() or convert_from().  Applications themselves
could crash after passing unterminated GB18030 input to libpq functions
PQescapeLiteral(), PQescapeIdentifier(), PQescapeStringConn(), or
PQescapeString().  Extension code could crash by passing unterminated
GB18030 input to jsonapi.h functions.  All those functions have been
intended to handle untrusted, unterminated input safely.

A crash required allocating the input such that the last byte of the
allocation was the last byte of a virtual memory page.  Some malloc()
implementations take measures against that, making the SIGSEGV hard to
reach.  Back-patch to v13 (all supported versions).

Author: Noah Misch <noah@leadboat.com>
Author: Andres Freund <andres@anarazel.de>
Reviewed-by: Masahiko Sawada <sawada.mshk@gmail.com>
Backpatch-through: 13
Security: CVE-2025-4207
2025-05-05 04:52:07 -07:00
..
access At update of non-LP_NORMAL TID, fail instead of corrupting page header. 2025-01-25 11:28:18 -08:00
archive Redesign archive modules 2023-02-17 14:26:42 +09:00
backup Fix some typos and some incorrectly duplicated words 2023-04-18 14:03:49 +12:00
bootstrap Update copyright for 2023 2023-01-02 15:00:37 -05:00
catalog Fix broken handling of domains in atthasmissing logic. 2025-03-03 12:43:29 -05:00
commands doc: Add better description for rewrite functions in event triggers 2024-10-29 15:35:18 +09:00
common Fix corner-case 64-bit integer subtraction bug on some platforms. 2023-11-09 09:53:05 +00:00
datatype Avoid using timezone Asia/Manila in regression tests. 2025-01-20 15:47:53 -05:00
executor Simplify executor's determination of whether to use parallelism. 2024-12-09 14:38:19 -05:00
fe_utils Specify the encoding of input to fmtId() 2025-02-10 10:03:39 -05:00
foreign Update copyright for 2023 2023-01-02 15:00:37 -05:00
jit Monkey-patch LLVM code to fix ARM relocation bug. 2024-11-06 23:09:03 +13:00
lib simplehash: Free collisions array in SH_STAT 2024-04-07 19:09:02 -07:00
libpq Make dblink interruptible, via new libpqsrv APIs. 2025-04-03 09:33:58 -07:00
mb With GB18030, prevent SIGSEGV from reading past end of allocation. 2025-05-05 04:52:07 -07:00
nodes Fix code comment 2025-04-02 14:42:25 +02:00
optimizer Account for optimized MinMax aggregates during SS_finalize_plan. 2024-05-18 14:31:35 -04:00
parser Handle default NULL insertion a little better. 2025-01-29 15:31:55 -05:00
partitioning Revert "Move PartitionPruneInfo out of plan nodes into PlannedStmt" 2023-05-04 12:09:59 +02:00
pch Update copyright for 2023 2023-01-02 15:00:37 -05:00
port Provide 64-bit ftruncate() and lseek() on Windows. 2025-01-09 14:59:47 +13:00
portability instr_time: Represent time as an int64 on all platforms 2023-01-20 21:16:47 -08:00
postmaster Fix wal_writer_flush_after initializer value. 2023-05-15 11:19:54 +12:00
regex Avoid assertion due to disconnected NFA sub-graphs in regex parsing. 2024-11-15 18:23:38 -05:00
replication Fix race with synchronous_standby_names at startup 2025-04-11 10:02:17 +09:00
rewrite Make Vars be outer-join-aware. 2023-01-30 13:16:20 -05:00
snowball Update copyright for 2023 2023-01-02 15:00:37 -05:00
statistics Update copyright for 2023 2023-01-02 15:00:37 -05:00
storage Restore smgrtruncate() prototype in back-branches. 2025-01-08 10:46:45 +13:00
tcop Restrict accesses to non-system views and foreign tables during pg_dump. 2024-08-05 06:05:28 -07:00
tsearch Update tsearch regex memory management. 2023-04-08 22:09:17 +12:00
utils Fix catcache invalidation of a list entry that's being built 2025-01-14 14:41:01 +02:00
.gitignore Refactor dlopen() support 2018-09-06 11:33:04 +02:00
c.h Assume that <stdbool.h> conforms to the C standard. 2024-11-25 20:54:05 +13:00
fmgr.h Update copyright for 2023 2023-01-02 15:00:37 -05:00
funcapi.h Pre-beta mechanical code beautification. 2023-05-19 17:24:48 -04:00
getopt_long.h Update copyright for 2023 2023-01-02 15:00:37 -05:00
Makefile Include headers of archive/ in installation 2023-03-10 20:08:10 +09:00
meson.build meson: Make some Meson style more consistent with surrounding code 2023-06-29 13:06:02 +02:00
miscadmin.h Exclude parallel workers from connection privilege/limit checks. 2024-12-28 16:08:50 -05:00
pg_config.h.in Fix detection and handling of strchrnul() for macOS 15.4. 2025-04-01 16:49:51 -04:00
pg_config_ext.h.in Autoconfiscate selection of 64-bit int type for 64-bit large object API. 2012-10-07 21:52:43 -04:00
pg_config_ext.h.meson meson: Add initial version of meson based build system 2022-09-21 22:37:17 -07:00
pg_config_manual.h Fix typos in comments 2023-05-02 12:23:08 +09:00
pg_getopt.h Update copyright for 2023 2023-01-02 15:00:37 -05:00
pg_trace.h Update copyright for 2023 2023-01-02 15:00:37 -05:00
pgstat.h Add writeback to pg_stat_io 2023-05-17 11:18:35 -07:00
pgtar.h Update copyright for 2023 2023-01-02 15:00:37 -05:00
pgtime.h Update copyright for 2023 2023-01-02 15:00:37 -05:00
port.h Avoid breaking SJIS encoding while de-backslashing Windows paths. 2025-01-29 14:24:36 -05:00
postgres.h New header varatt.h split off from postgres.h 2023-01-10 05:54:36 +01:00
postgres_ext.h Move RelFileNumber declarations to common/relpath.h. 2022-09-27 12:01:57 -04:00
postgres_fe.h Update copyright for 2023 2023-01-02 15:00:37 -05:00
varatt.h New header varatt.h split off from postgres.h 2023-01-10 05:54:36 +01:00
windowapi.h Update copyright for 2023 2023-01-02 15:00:37 -05:00