1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
|
$NetBSD: patch-ah,v 1.1 2005/03/17 22:35:48 jschauma Exp $
--- src/pl/plpgsql/src/gram.y.orig 2005-01-20 19:31:21.000000000 -0500
+++ src/pl/plpgsql/src/gram.y 2005-03-17 17:29:03.000000000 -0500
@@ -1713,6 +1713,15 @@
}
}
+ /* Check for array overflow */
+ if (nparams >= 1024)
+ {
+ plpgsql_error_lineno = lno;
+ ereport(ERROR,
+ (errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED),
+ errmsg("too many variables specified in SQL statement")));
+ }
+
expr = malloc(sizeof(PLpgSQL_expr) + sizeof(int) * nparams - sizeof(int));
expr->dtype = PLPGSQL_DTYPE_EXPR;
expr->query = strdup(plpgsql_dstring_get(&ds));
@@ -1856,6 +1865,15 @@
while ((tok = yylex()) == ',')
{
+ /* Check for array overflow */
+ if (nfields >= 1024)
+ {
+ plpgsql_error_lineno = plpgsql_scanner_lineno();
+ ereport(ERROR,
+ (errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED),
+ errmsg("too many variables specified in SQL statement")));
+ }
+
tok = yylex();
switch(tok)
{
@@ -1918,6 +1936,15 @@
plpgsql_dstring_append(&ds, yytext);
break;
}
+
+ /* Check for array overflow */
+ if (nparams >= 1024)
+ {
+ plpgsql_error_lineno = plpgsql_scanner_lineno();
+ ereport(ERROR,
+ (errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED),
+ errmsg("too many variables specified in SQL statement")));
+ }
}
expr = malloc(sizeof(PLpgSQL_expr) + sizeof(int) * nparams - sizeof(int));
@@ -1952,12 +1979,12 @@
return (PLpgSQL_stmt *)execsql;
}
-}
+ }
-static PLpgSQL_stmt *
-make_fetch_stmt(void)
-{
+ static PLpgSQL_stmt *
+ make_fetch_stmt(void)
+ {
int tok;
PLpgSQL_row *row = NULL;
PLpgSQL_rec *rec = NULL;
@@ -1989,6 +2016,15 @@
while ((tok = yylex()) == ',')
{
+ /* Check for array overflow */
+ if (nfields >= 1024)
+ {
+ plpgsql_error_lineno = plpgsql_scanner_lineno();
+ ereport(ERROR,
+ (errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED),
+ errmsg("too many variables specified in SQL statement")));
+ }
+
tok = yylex();
switch(tok)
{
|