pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/trunk]: pkgsrc/databases Backport patch from http://developer.postgre...



details:   https://anonhg.NetBSD.org/pkgsrc/rev/9d70f9a24920
branches:  trunk
changeset: 490682:9d70f9a24920
user:      jschauma <jschauma%pkgsrc.org@localhost>
date:      Thu Mar 17 21:38:32 2005 +0000

description:
Backport patch from http://developer.postgresql.org/cvsweb.cgi/pgsql/src/pl/plpgsql/src/gram.y.diff?r1=1.64.4.1&r2=1.64.4.2

to fix CAN-2005-0247 for postgresql73
Bump PKGREVISION on postgresql73-lib

diffstat:

 databases/postgresql73-lib/Makefile     |   4 +-
 databases/postgresql73/distinfo         |   3 +-
 databases/postgresql73/patches/patch-al |  60 +++++++++++++++++++++++++++++++++
 3 files changed, 64 insertions(+), 3 deletions(-)

diffs (91 lines):

diff -r df43f48dfc35 -r 9d70f9a24920 databases/postgresql73-lib/Makefile
--- a/databases/postgresql73-lib/Makefile       Thu Mar 17 20:57:17 2005 +0000
+++ b/databases/postgresql73-lib/Makefile       Thu Mar 17 21:38:32 2005 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.6 2005/02/05 14:49:03 jdolecek Exp $
+# $NetBSD: Makefile,v 1.7 2005/03/17 21:38:32 jschauma Exp $
 
 PKGNAME=               postgresql73-lib-${BASE_VERS}
-PKGREVISION=           # empty
+PKGREVISION=           1
 SVR4_PKGNAME=          pstgl
 COMMENT=               PostgreSQL database headers and libraries
 
diff -r df43f48dfc35 -r 9d70f9a24920 databases/postgresql73/distinfo
--- a/databases/postgresql73/distinfo   Thu Mar 17 20:57:17 2005 +0000
+++ b/databases/postgresql73/distinfo   Thu Mar 17 21:38:32 2005 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.7 2005/02/23 16:33:08 agc Exp $
+$NetBSD: distinfo,v 1.8 2005/03/17 21:38:32 jschauma Exp $
 
 SHA1 (postgresql-7.3.9.tar.gz) = 01481f3af507cb6b361bd71fc51c0fb8c06905da
 RMD160 (postgresql-7.3.9.tar.gz) = 61b97bd71cee3e107419598b75d0ec0734df2791
@@ -14,3 +14,4 @@
 SHA1 (patch-ai) = d7889e05ab7963f2b93b46c953cbf1a44e9c0fe5
 SHA1 (patch-aj) = 4c46173cba1dd36296d8b3fcca8cdfebcc717162
 SHA1 (patch-ak) = a983f23b5e47a4c2f31ba284ff3db51b53cf8414
+SHA1 (patch-al) = 6ad25b048e46a40bcaadd3f5322ee33bbd1a2fa7
diff -r df43f48dfc35 -r 9d70f9a24920 databases/postgresql73/patches/patch-al
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/databases/postgresql73/patches/patch-al   Thu Mar 17 21:38:32 2005 +0000
@@ -0,0 +1,60 @@
+$NetBSD: patch-al,v 1.1 2005/03/17 21:38:32 jschauma Exp $
+
+--- src/pl/plpgsql/src/gram.y.orig     2005-01-26 20:44:42.000000000 -0500
++++ src/pl/plpgsql/src/gram.y  2005-03-17 16:34:50.000000000 -0500
+@@ -1626,6 +1626,13 @@
+               }
+       }
+ 
++      /* Check for array overflow */
++      if (nparams >= 1024)
++      {
++              plpgsql_error_lineno = lno;
++              elog(ERROR, "too many variables specified in SQL statement");
++      }
++
+       expr = malloc(sizeof(PLpgSQL_expr) + sizeof(int) * nparams - sizeof(int));
+       expr->dtype                     = PLPGSQL_DTYPE_EXPR;
+       expr->query                     = strdup(plpgsql_dstring_get(&ds));
+@@ -1761,6 +1768,13 @@
+ 
+                                       while ((tok = yylex()) == ',')
+                                       {
++                                              /* Check for array overflow */
++                                              if (nfields >= 1024)
++                                              {
++                                                      plpgsql_error_lineno = plpgsql_scanner_lineno();
++                                                      elog(ERROR, "too many variables specified in SQL statement");
++                                              }
++
+                                               tok = yylex();
+                                               switch(tok)
+                                               {
+@@ -1821,6 +1835,13 @@
+                               plpgsql_dstring_append(&ds, yytext);
+                               break;
+               }
++
++              /* Check for array overflow */
++              if (nparams >= 1024)
++              {
++                      plpgsql_error_lineno = plpgsql_scanner_lineno();
++                      elog(ERROR, "too many variables specified in SQL statement");
++              }
+       }
+ 
+       expr = malloc(sizeof(PLpgSQL_expr) + sizeof(int) * nparams - sizeof(int));
+@@ -1892,6 +1913,13 @@
+ 
+                               while ((tok = yylex()) == ',')
+                               {
++                                      /* Check for array overflow */
++                                      if (nfields >= 1024)
++                                      {
++                                              plpgsql_error_lineno = plpgsql_scanner_lineno();
++                                              elog(ERROR, "too many variables specified in SQL statement");
++                                      }
++
+                                       tok = yylex();
+                                       switch(tok)
+                                       {



Home | Main Index | Thread Index | Old Index