pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/databases/postgresql74 Backport patch from
details: https://anonhg.NetBSD.org/pkgsrc/rev/a5c3bba0d376
branches: trunk
changeset: 490685:a5c3bba0d376
user: jschauma <jschauma%pkgsrc.org@localhost>
date: Thu Mar 17 22:35:48 2005 +0000
description:
Backport patch from
http://developer.postgresql.org/cvsweb.cgi/pgsql/src/pl/plpgsql/src/gram.y.diff?r1=1.64.4.1&r2=1.64.4.2
to fix CAN-2005-0247 for postgresql74
Bump PKGREVISION on postgresql74-lib
diffstat:
databases/postgresql74/distinfo | 3 +-
databases/postgresql74/patches/patch-ah | 85 +++++++++++++++++++++++++++++++++
2 files changed, 87 insertions(+), 1 deletions(-)
diffs (103 lines):
diff -r 3b94bc7eada8 -r a5c3bba0d376 databases/postgresql74/distinfo
--- a/databases/postgresql74/distinfo Thu Mar 17 22:16:39 2005 +0000
+++ b/databases/postgresql74/distinfo Thu Mar 17 22:35:48 2005 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.16 2005/02/23 16:33:08 agc Exp $
+$NetBSD: distinfo,v 1.17 2005/03/17 22:35:48 jschauma Exp $
SHA1 (postgresql-7.4.7.tar.bz2) = 48fe9187ae1776265756b807254552b4f6bcfcb8
RMD160 (postgresql-7.4.7.tar.bz2) = 1bbb64c8a9b95cafe0254a0994752b8bbb624346
@@ -10,3 +10,4 @@
SHA1 (patch-ae) = f0e0ad98ebdc972e7c40afd805fbb0d909d5ef3b
SHA1 (patch-af) = 7373db75fda125b980f2ead990719798c0d22a48
SHA1 (patch-ag) = a983f23b5e47a4c2f31ba284ff3db51b53cf8414
+SHA1 (patch-ah) = 4cc4e45679284815c32a5ff3b461b12df55d07c2
diff -r 3b94bc7eada8 -r a5c3bba0d376 databases/postgresql74/patches/patch-ah
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/databases/postgresql74/patches/patch-ah Thu Mar 17 22:35:48 2005 +0000
@@ -0,0 +1,85 @@
+$NetBSD: patch-ah,v 1.1 2005/03/17 22:35:48 jschauma Exp $
+
+--- src/pl/plpgsql/src/gram.y.orig 2005-01-20 19:31:21.000000000 -0500
++++ src/pl/plpgsql/src/gram.y 2005-03-17 17:29:03.000000000 -0500
+@@ -1713,6 +1713,15 @@
+ }
+ }
+
++ /* Check for array overflow */
++ if (nparams >= 1024)
++ {
++ plpgsql_error_lineno = lno;
++ ereport(ERROR,
++ (errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED),
++ errmsg("too many variables specified in SQL statement")));
++ }
++
+ expr = malloc(sizeof(PLpgSQL_expr) + sizeof(int) * nparams - sizeof(int));
+ expr->dtype = PLPGSQL_DTYPE_EXPR;
+ expr->query = strdup(plpgsql_dstring_get(&ds));
+@@ -1856,6 +1865,15 @@
+
+ while ((tok = yylex()) == ',')
+ {
++ /* Check for array overflow */
++ if (nfields >= 1024)
++ {
++ plpgsql_error_lineno = plpgsql_scanner_lineno();
++ ereport(ERROR,
++ (errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED),
++ errmsg("too many variables specified in SQL statement")));
++ }
++
+ tok = yylex();
+ switch(tok)
+ {
+@@ -1918,6 +1936,15 @@
+ plpgsql_dstring_append(&ds, yytext);
+ break;
+ }
++
++ /* Check for array overflow */
++ if (nparams >= 1024)
++ {
++ plpgsql_error_lineno = plpgsql_scanner_lineno();
++ ereport(ERROR,
++ (errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED),
++ errmsg("too many variables specified in SQL statement")));
++ }
+ }
+
+ expr = malloc(sizeof(PLpgSQL_expr) + sizeof(int) * nparams - sizeof(int));
+@@ -1952,12 +1979,12 @@
+
+ return (PLpgSQL_stmt *)execsql;
+ }
+-}
++ }
+
+
+-static PLpgSQL_stmt *
+-make_fetch_stmt(void)
+-{
++ static PLpgSQL_stmt *
++ make_fetch_stmt(void)
++ {
+ int tok;
+ PLpgSQL_row *row = NULL;
+ PLpgSQL_rec *rec = NULL;
+@@ -1989,6 +2016,15 @@
+
+ while ((tok = yylex()) == ',')
+ {
++ /* Check for array overflow */
++ if (nfields >= 1024)
++ {
++ plpgsql_error_lineno = plpgsql_scanner_lineno();
++ ereport(ERROR,
++ (errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED),
++ errmsg("too many variables specified in SQL statement")));
++ }
++
+ tok = yylex();
+ switch(tok)
+ {
Home |
Main Index |
Thread Index |
Old Index