Use snprintf not sprintf in pg_waldump's timestamptz_to_str.

This could only cause an issue if strftime returned a ridiculously long timezone name, which seems unlikely; and it wouldn't qualify as a security problem even then, since pg_waldump (nee pg_xlogdump) is a debug tool not part of the server. But gcc 8 has started issuing warnings about it, so let's use snprintf and be safe. Backpatch to 9.3 where this code was added. Discussion: https://postgr.es/m/21789.1529170195@sss.pgh.pa.us
author: Tom Lane <tgl@sss.pgh.pa.us> 2018-06-16 14:45:47 -0400
committer: Tom Lane <tgl@sss.pgh.pa.us> 2018-06-16 14:45:47 -0400
commit: 8870e2978fc5db5741229f5cddc7bcc24ee52000 (patch)
tree: 1f6812dc9d4b12c39bd7e35bed8760b0ccaa2556
parent: e951f66deadbe78da83b2d1919d39883d098fdff (diff)
1 files changed, 4 insertions, 2 deletions
diff --git a/src/bin/pg_xlogdump/compat.c b/src/bin/pg_xlogdump/compat.c
index 845c2e5234a..d9a505196f2 100644
--- a/src/bin/pg_xlogdump/compat.c
+++ b/src/bin/pg_xlogdump/compat.c
@@ -64,9 +64,11 @@ timestamptz_to_str(TimestampTz dt)
 	strftime(zone, sizeof(zone), "%Z", ltime);
 
 #ifdef HAVE_INT64_TIMESTAMP
-	sprintf(buf, "%s.%06d %s", ts, (int) (dt % USECS_PER_SEC), zone);
+	snprintf(buf, sizeof(buf),
+			 "%s.%06d %s", ts, (int) (dt % USECS_PER_SEC), zone);
 #else
-	sprintf(buf, "%s.%.6f %s", ts, fabs(dt - floor(dt)), zone);
+	snprintf(buf, sizeof(buf),
+			 "%s.%.6f %s", ts, fabs(dt - floor(dt)), zone);
 #endif
 
 	return buf;
author	Tom Lane <tgl@sss.pgh.pa.us>	2018-06-16 14:45:47 -0400
committer	Tom Lane <tgl@sss.pgh.pa.us>	2018-06-16 14:45:47 -0400
commit	8870e2978fc5db5741229f5cddc7bcc24ee52000 (patch)
tree	1f6812dc9d4b12c39bd7e35bed8760b0ccaa2556
parent	e951f66deadbe78da83b2d1919d39883d098fdff (diff)