diff options
| author | jschauma <jschauma@pkgsrc.org> | 2005-03-17 20:56:46 +0000 |
|---|---|---|
| committer | jschauma <jschauma@pkgsrc.org> | 2005-03-17 20:56:46 +0000 |
| commit | 083b5813c5617ebe5623b6d462d5c8a3d6ac777d (patch) | |
| tree | a2e85a48aeda8b4f1ef2804b9471017ab131c4ca /databases | |
| parent | 81a0a96a76b0844b91aee9080bd7999dc9d504b4 (diff) | |
| download | pkgsrc-083b5813c5617ebe5623b6d462d5c8a3d6ac777d.tar.gz | |
pull in the patch from http://archives.postgresql.org/pgsql-committers/2005-02/msg00049.php
which should fix CAN-2005-0247
Diffstat (limited to 'databases')
| -rw-r--r-- | databases/postgresql80/distinfo | 3 | ||||
| -rw-r--r-- | databases/postgresql80/patches/patch-ab | 70 |
2 files changed, 72 insertions, 1 deletions
diff --git a/databases/postgresql80/distinfo b/databases/postgresql80/distinfo index f6887ba1824..a6afecd213b 100644 --- a/databases/postgresql80/distinfo +++ b/databases/postgresql80/distinfo @@ -1,6 +1,7 @@ -$NetBSD: distinfo,v 1.2 2005/02/23 16:33:09 agc Exp $ +$NetBSD: distinfo,v 1.3 2005/03/17 20:56:46 jschauma Exp $ SHA1 (postgresql-8.0.1.tar.bz2) = 42a16fe13a6271b1612fb0a9f41f7da0a2e307b6 RMD160 (postgresql-8.0.1.tar.bz2) = 8aca3b38d2e37efe5ed1ff16e942daad2e486e1f Size (postgresql-8.0.1.tar.bz2) = 11049626 bytes SHA1 (patch-aa) = 20492216de0e5238a02b4cdd18c297731cf6462a +SHA1 (patch-ab) = 2b3a45b3d1c529a0d4202e5a095f4d9391507e82 diff --git a/databases/postgresql80/patches/patch-ab b/databases/postgresql80/patches/patch-ab new file mode 100644 index 00000000000..628b9abd136 --- /dev/null +++ b/databases/postgresql80/patches/patch-ab @@ -0,0 +1,70 @@ +$NetBSD: patch-ab,v 1.1 2005/03/17 20:56:46 jschauma Exp $ + +--- src/pl/plpgsql/src/gram.y.orig 2005-03-17 15:43:26.000000000 -0500 ++++ src/pl/plpgsql/src/gram.y 2005-03-17 15:43:31.000000000 -0500 +@@ -1794,6 +1794,15 @@ + } + } + ++ /* Check for array overflow */ ++ if (nparams >= 1024) ++ { ++ plpgsql_error_lineno = lno; ++ ereport(ERROR, ++ (errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED), ++ errmsg("too many variables specified in SQL statement"))); ++ } ++ + if (endtoken) + *endtoken = tok; + +@@ -1940,6 +1949,16 @@ + + while ((tok = yylex()) == ',') + { ++ /* Check for array overflow */ ++ if (nfields >= 1024) ++ { ++ plpgsql_error_lineno = plpgsql_scanner_lineno(); ++ ereport(ERROR, ++ (errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED), ++ errmsg("too many INTO variables specified"))); ++ } ++ ++ + tok = yylex(); + switch(tok) + { +@@ -2014,6 +2033,16 @@ + plpgsql_dstring_append(&ds, yytext); + break; + } ++ ++ /* Check for array overflow */ ++ if (nparams >= 1024) ++ { ++ plpgsql_error_lineno = plpgsql_scanner_lineno(); ++ ereport(ERROR, ++ (errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED), ++ errmsg("too many variables specified in SQL statement"))); ++ } ++ + } + + expr = malloc(sizeof(PLpgSQL_expr) + sizeof(int) * nparams - sizeof(int)); +@@ -2085,6 +2114,15 @@ + + while ((tok = yylex()) == ',') + { ++ /* Check for array overflow */ ++ if (nfields >= 1024) ++ { ++ plpgsql_error_lineno = plpgsql_scanner_lineno(); ++ ereport(ERROR, ++ (errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED), ++ errmsg("too many INTO variables specified"))); ++ } ++ + tok = yylex(); + switch(tok) + { |