diff options
| author | jschauma <jschauma@pkgsrc.org> | 2005-03-17 21:38:32 +0000 |
|---|---|---|
| committer | jschauma <jschauma@pkgsrc.org> | 2005-03-17 21:38:32 +0000 |
| commit | 6dd2b9ed4abbea5ba67f93ba588468eae302298e (patch) | |
| tree | ff069e1d20edbfc914d51e1a735baf58be3d5535 /databases/postgresql73 | |
| parent | 9a87eaf7c7ece4530562019463821be7968f95e2 (diff) | |
| download | pkgsrc-6dd2b9ed4abbea5ba67f93ba588468eae302298e.tar.gz | |
Backport patch from http://developer.postgresql.org/cvsweb.cgi/pgsql/src/pl/plpgsql/src/gram.y.diff?r1=1.64.4.1&r2=1.64.4.2
to fix CAN-2005-0247 for postgresql73
Bump PKGREVISION on postgresql73-lib
Diffstat (limited to 'databases/postgresql73')
| -rw-r--r-- | databases/postgresql73/distinfo | 3 | ||||
| -rw-r--r-- | databases/postgresql73/patches/patch-al | 60 |
2 files changed, 62 insertions, 1 deletions
diff --git a/databases/postgresql73/distinfo b/databases/postgresql73/distinfo index 0280a013594..dadafe3f2a4 100644 --- a/databases/postgresql73/distinfo +++ b/databases/postgresql73/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.7 2005/02/23 16:33:08 agc Exp $ +$NetBSD: distinfo,v 1.8 2005/03/17 21:38:32 jschauma Exp $ SHA1 (postgresql-7.3.9.tar.gz) = 01481f3af507cb6b361bd71fc51c0fb8c06905da RMD160 (postgresql-7.3.9.tar.gz) = 61b97bd71cee3e107419598b75d0ec0734df2791 @@ -14,3 +14,4 @@ SHA1 (patch-ah) = 210c0dda3c32481280fe5f2a9525d33f1d989c6d SHA1 (patch-ai) = d7889e05ab7963f2b93b46c953cbf1a44e9c0fe5 SHA1 (patch-aj) = 4c46173cba1dd36296d8b3fcca8cdfebcc717162 SHA1 (patch-ak) = a983f23b5e47a4c2f31ba284ff3db51b53cf8414 +SHA1 (patch-al) = 6ad25b048e46a40bcaadd3f5322ee33bbd1a2fa7 diff --git a/databases/postgresql73/patches/patch-al b/databases/postgresql73/patches/patch-al new file mode 100644 index 00000000000..265823fd2d0 --- /dev/null +++ b/databases/postgresql73/patches/patch-al @@ -0,0 +1,60 @@ +$NetBSD: patch-al,v 1.1 2005/03/17 21:38:32 jschauma Exp $ + +--- src/pl/plpgsql/src/gram.y.orig 2005-01-26 20:44:42.000000000 -0500 ++++ src/pl/plpgsql/src/gram.y 2005-03-17 16:34:50.000000000 -0500 +@@ -1626,6 +1626,13 @@ + } + } + ++ /* Check for array overflow */ ++ if (nparams >= 1024) ++ { ++ plpgsql_error_lineno = lno; ++ elog(ERROR, "too many variables specified in SQL statement"); ++ } ++ + expr = malloc(sizeof(PLpgSQL_expr) + sizeof(int) * nparams - sizeof(int)); + expr->dtype = PLPGSQL_DTYPE_EXPR; + expr->query = strdup(plpgsql_dstring_get(&ds)); +@@ -1761,6 +1768,13 @@ + + while ((tok = yylex()) == ',') + { ++ /* Check for array overflow */ ++ if (nfields >= 1024) ++ { ++ plpgsql_error_lineno = plpgsql_scanner_lineno(); ++ elog(ERROR, "too many variables specified in SQL statement"); ++ } ++ + tok = yylex(); + switch(tok) + { +@@ -1821,6 +1835,13 @@ + plpgsql_dstring_append(&ds, yytext); + break; + } ++ ++ /* Check for array overflow */ ++ if (nparams >= 1024) ++ { ++ plpgsql_error_lineno = plpgsql_scanner_lineno(); ++ elog(ERROR, "too many variables specified in SQL statement"); ++ } + } + + expr = malloc(sizeof(PLpgSQL_expr) + sizeof(int) * nparams - sizeof(int)); +@@ -1892,6 +1913,13 @@ + + while ((tok = yylex()) == ',') + { ++ /* Check for array overflow */ ++ if (nfields >= 1024) ++ { ++ plpgsql_error_lineno = plpgsql_scanner_lineno(); ++ elog(ERROR, "too many variables specified in SQL statement"); ++ } ++ + tok = yylex(); + switch(tok) + { |