databases/postgresql74/patches/patch-ah


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85

$NetBSD: patch-ah,v 1.1 2005/03/17 22:35:48 jschauma Exp $

--- src/pl/plpgsql/src/gram.y.orig	2005-01-20 19:31:21.000000000 -0500
+++ src/pl/plpgsql/src/gram.y	2005-03-17 17:29:03.000000000 -0500
@@ -1713,6 +1713,15 @@
 		}
 	}
 
+	/* Check for array overflow */
+	if (nparams >= 1024)
+	{
+		plpgsql_error_lineno = lno;
+		ereport(ERROR,
+				(errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED),
+				errmsg("too many variables specified in SQL statement")));
+	}
+
 	expr = malloc(sizeof(PLpgSQL_expr) + sizeof(int) * nparams - sizeof(int));
 	expr->dtype			= PLPGSQL_DTYPE_EXPR;
 	expr->query			= strdup(plpgsql_dstring_get(&ds));
@@ -1856,6 +1865,15 @@
 
 					while ((tok = yylex()) == ',')
 					{
+						/* Check for array overflow */
+						if (nfields >= 1024)
+						{
+							plpgsql_error_lineno = plpgsql_scanner_lineno();
+							ereport(ERROR,
+									(errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED),
+									errmsg("too many variables specified in SQL statement")));
+						}
+
 						tok = yylex();
 						switch(tok)
 						{
@@ -1918,6 +1936,15 @@
 				plpgsql_dstring_append(&ds, yytext);
 				break;
 		}
+
+		/* Check for array overflow */
+		if (nparams >= 1024)
+		{
+			plpgsql_error_lineno = plpgsql_scanner_lineno();
+			ereport(ERROR,
+					(errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED),
+						errmsg("too many variables specified in SQL statement")));
+			}
 	}
 
 	expr = malloc(sizeof(PLpgSQL_expr) + sizeof(int) * nparams - sizeof(int));
@@ -1952,12 +1979,12 @@
 
 		return (PLpgSQL_stmt *)execsql;
 	}
-}
+	}
 
 
-static PLpgSQL_stmt *
-make_fetch_stmt(void)
-{
+	static PLpgSQL_stmt *
+	make_fetch_stmt(void)
+	{
 	int					tok;
 	PLpgSQL_row		   *row = NULL;
 	PLpgSQL_rec		   *rec = NULL;
@@ -1989,6 +2016,15 @@
 
 				while ((tok = yylex()) == ',')
 				{
+						/* Check for array overflow */
+						if (nfields >= 1024)
+						{
+							plpgsql_error_lineno = plpgsql_scanner_lineno();
+							ereport(ERROR,
+									(errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED),
+									errmsg("too many variables specified in SQL statement")));
+					}
+
 					tok = yylex();
 					switch(tok)
 					{