diff options
| author | Michael Meskes <meskes@postgresql.org> | 2019-04-11 20:56:17 +0200 |
|---|---|---|
| committer | Michael Meskes <meskes@postgresql.org> | 2019-04-11 21:04:37 +0200 |
| commit | 0ba09cc026985536586b7fd58ceddee16ea739d7 (patch) | |
| tree | 603aa1af721bfc41e83c7726efa52d88e59c188f | |
| parent | 5db85688a58ca4033c8073cdd9d6b064a4f1e8ea (diff) | |
Fix off-by-one check that can lead to a memory overflow in ecpg.
Patch by Liu Huailing <liuhuailing@cn.fujitsu.com>
| -rw-r--r-- | src/interfaces/ecpg/preproc/pgc.l | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/interfaces/ecpg/preproc/pgc.l b/src/interfaces/ecpg/preproc/pgc.l index 56682067aff..4a63da7084b 100644 --- a/src/interfaces/ecpg/preproc/pgc.l +++ b/src/interfaces/ecpg/preproc/pgc.l @@ -1414,7 +1414,7 @@ parse_include(void) for (ip = include_paths; yyin == NULL && ip != NULL; ip = ip->next) { - if (strlen(ip->path) + strlen(yytext) + 3 > MAXPGPATH) + if (strlen(ip->path) + strlen(yytext) + 4 > MAXPGPATH) { fprintf(stderr, _("Error: include path \"%s/%s\" is too long on line %d, skipping\n"), ip->path, yytext, yylineno); continue; |