diff options
| author | jschauma <jschauma@pkgsrc.org> | 2005-03-17 20:56:46 +0000 |
|---|---|---|
| committer | jschauma <jschauma@pkgsrc.org> | 2005-03-17 20:56:46 +0000 |
| commit | 083b5813c5617ebe5623b6d462d5c8a3d6ac777d (patch) | |
| tree | a2e85a48aeda8b4f1ef2804b9471017ab131c4ca /databases/postgresql80/patches | |
| parent | 81a0a96a76b0844b91aee9080bd7999dc9d504b4 (diff) | |
| download | pkgsrc-083b5813c5617ebe5623b6d462d5c8a3d6ac777d.tar.gz | |
pull in the patch from http://archives.postgresql.org/pgsql-committers/2005-02/msg00049.php
which should fix CAN-2005-0247
Diffstat (limited to 'databases/postgresql80/patches')
| -rw-r--r-- | databases/postgresql80/patches/patch-ab | 70 |
1 files changed, 70 insertions, 0 deletions
diff --git a/databases/postgresql80/patches/patch-ab b/databases/postgresql80/patches/patch-ab new file mode 100644 index 00000000000..628b9abd136 --- /dev/null +++ b/databases/postgresql80/patches/patch-ab @@ -0,0 +1,70 @@ +$NetBSD: patch-ab,v 1.1 2005/03/17 20:56:46 jschauma Exp $ + +--- src/pl/plpgsql/src/gram.y.orig 2005-03-17 15:43:26.000000000 -0500 ++++ src/pl/plpgsql/src/gram.y 2005-03-17 15:43:31.000000000 -0500 +@@ -1794,6 +1794,15 @@ + } + } + ++ /* Check for array overflow */ ++ if (nparams >= 1024) ++ { ++ plpgsql_error_lineno = lno; ++ ereport(ERROR, ++ (errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED), ++ errmsg("too many variables specified in SQL statement"))); ++ } ++ + if (endtoken) + *endtoken = tok; + +@@ -1940,6 +1949,16 @@ + + while ((tok = yylex()) == ',') + { ++ /* Check for array overflow */ ++ if (nfields >= 1024) ++ { ++ plpgsql_error_lineno = plpgsql_scanner_lineno(); ++ ereport(ERROR, ++ (errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED), ++ errmsg("too many INTO variables specified"))); ++ } ++ ++ + tok = yylex(); + switch(tok) + { +@@ -2014,6 +2033,16 @@ + plpgsql_dstring_append(&ds, yytext); + break; + } ++ ++ /* Check for array overflow */ ++ if (nparams >= 1024) ++ { ++ plpgsql_error_lineno = plpgsql_scanner_lineno(); ++ ereport(ERROR, ++ (errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED), ++ errmsg("too many variables specified in SQL statement"))); ++ } ++ + } + + expr = malloc(sizeof(PLpgSQL_expr) + sizeof(int) * nparams - sizeof(int)); +@@ -2085,6 +2114,15 @@ + + while ((tok = yylex()) == ',') + { ++ /* Check for array overflow */ ++ if (nfields >= 1024) ++ { ++ plpgsql_error_lineno = plpgsql_scanner_lineno(); ++ ereport(ERROR, ++ (errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED), ++ errmsg("too many INTO variables specified"))); ++ } ++ + tok = yylex(); + switch(tok) + { |