diff options
| -rw-r--r-- | contrib/chkpass/chkpass.c | 24 | ||||
| -rw-r--r-- | contrib/pg_standby/pg_standby.c | 2 | ||||
| -rw-r--r-- | src/backend/access/transam/xlog.c | 6 | ||||
| -rw-r--r-- | src/backend/tsearch/spell.c | 2 | ||||
| -rw-r--r-- | src/backend/utils/adt/datetime.c | 11 | ||||
| -rw-r--r-- | src/bin/initdb/findtimezone.c | 4 | ||||
| -rw-r--r-- | src/bin/pg_basebackup/pg_basebackup.c | 8 | ||||
| -rw-r--r-- | src/common/exec.c | 4 | ||||
| -rw-r--r-- | src/interfaces/ecpg/preproc/pgc.l | 2 | ||||
| -rw-r--r-- | src/interfaces/libpq/fe-protocol2.c | 2 | ||||
| -rw-r--r-- | src/interfaces/libpq/fe-protocol3.c | 2 | ||||
| -rw-r--r-- | src/test/regress/pg_regress.c | 6 | ||||
| -rw-r--r-- | src/timezone/pgtz.c | 2 |
13 files changed, 46 insertions, 29 deletions
diff --git a/contrib/chkpass/chkpass.c b/contrib/chkpass/chkpass.c index dc66075f988..1795b8cde42 100644 --- a/contrib/chkpass/chkpass.c +++ b/contrib/chkpass/chkpass.c @@ -94,11 +94,13 @@ chkpass_in(PG_FUNCTION_ARGS) mysalt[2] = 0; /* technically the terminator is not necessary * but I like to play safe */ - if ((crypt_output = crypt(str, mysalt)) == NULL) + crypt_output = crypt(str, mysalt); + if (crypt_output == NULL) ereport(ERROR, (errcode(ERRCODE_INVALID_PARAMETER_VALUE), errmsg("crypt() failed"))); - strcpy(result->password, crypt_output); + + strlcpy(result->password, crypt_output, sizeof(result->password)); PG_RETURN_POINTER(result); } @@ -148,9 +150,16 @@ chkpass_eq(PG_FUNCTION_ARGS) chkpass *a1 = (chkpass *) PG_GETARG_POINTER(0); text *a2 = PG_GETARG_TEXT_PP(1); char str[9]; + char *crypt_output; text_to_cstring_buffer(a2, str, sizeof(str)); - PG_RETURN_BOOL(strcmp(a1->password, crypt(str, a1->password)) == 0); + crypt_output = crypt(str, a1->password); + if (crypt_output == NULL) + ereport(ERROR, + (errcode(ERRCODE_INVALID_PARAMETER_VALUE), + errmsg("crypt() failed"))); + + PG_RETURN_BOOL(strcmp(a1->password, crypt_output) == 0); } PG_FUNCTION_INFO_V1(chkpass_ne); @@ -160,7 +169,14 @@ chkpass_ne(PG_FUNCTION_ARGS) chkpass *a1 = (chkpass *) PG_GETARG_POINTER(0); text *a2 = PG_GETARG_TEXT_PP(1); char str[9]; + char *crypt_output; text_to_cstring_buffer(a2, str, sizeof(str)); - PG_RETURN_BOOL(strcmp(a1->password, crypt(str, a1->password)) != 0); + crypt_output = crypt(str, a1->password); + if (crypt_output == NULL) + ereport(ERROR, + (errcode(ERRCODE_INVALID_PARAMETER_VALUE), + errmsg("crypt() failed"))); + + PG_RETURN_BOOL(strcmp(a1->password, crypt_output) != 0); } diff --git a/contrib/pg_standby/pg_standby.c b/contrib/pg_standby/pg_standby.c index 144edd8a072..8ddd486c89e 100644 --- a/contrib/pg_standby/pg_standby.c +++ b/contrib/pg_standby/pg_standby.c @@ -327,7 +327,7 @@ SetWALFileNameForCleanup(void) if (strcmp(restartWALFileName, nextWALFileName) > 0) return false; - strcpy(exclusiveCleanupFileName, restartWALFileName); + strlcpy(exclusiveCleanupFileName, restartWALFileName, sizeof(exclusiveCleanupFileName)); return true; } diff --git a/src/backend/access/transam/xlog.c b/src/backend/access/transam/xlog.c index 85a0ce90180..76c244c915f 100644 --- a/src/backend/access/transam/xlog.c +++ b/src/backend/access/transam/xlog.c @@ -5844,7 +5844,7 @@ recoveryStopsAfter(XLogRecord *record) recoveryStopAfter = true; recoveryStopXid = InvalidTransactionId; (void) getRecordTimestamp(record, &recoveryStopTime); - strncpy(recoveryStopName, recordRestorePointData->rp_name, MAXFNAMELEN); + strlcpy(recoveryStopName, recordRestorePointData->rp_name, MAXFNAMELEN); ereport(LOG, (errmsg("recovery stopping at restore point \"%s\", time %s", @@ -6311,7 +6311,7 @@ StartupXLOG(void) * Save archive_cleanup_command in shared memory so that other processes * can see it. */ - strncpy(XLogCtl->archiveCleanupCommand, + strlcpy(XLogCtl->archiveCleanupCommand, archiveCleanupCommand ? archiveCleanupCommand : "", sizeof(XLogCtl->archiveCleanupCommand)); @@ -9107,7 +9107,7 @@ XLogRestorePoint(const char *rpName) xl_restore_point xlrec; xlrec.rp_time = GetCurrentTimestamp(); - strncpy(xlrec.rp_name, rpName, MAXFNAMELEN); + strlcpy(xlrec.rp_name, rpName, MAXFNAMELEN); rdata.buffer = InvalidBuffer; rdata.data = (char *) &xlrec; diff --git a/src/backend/tsearch/spell.c b/src/backend/tsearch/spell.c index 1ca64423297..1bc226d3347 100644 --- a/src/backend/tsearch/spell.c +++ b/src/backend/tsearch/spell.c @@ -255,7 +255,7 @@ NIAddSpell(IspellDict *Conf, const char *word, const char *flag) } Conf->Spell[Conf->nspell] = (SPELL *) tmpalloc(SPELLHDRSZ + strlen(word) + 1); strcpy(Conf->Spell[Conf->nspell]->word, word); - strncpy(Conf->Spell[Conf->nspell]->p.flag, flag, MAXFLAGLEN); + strlcpy(Conf->Spell[Conf->nspell]->p.flag, flag, MAXFLAGLEN); Conf->nspell++; } diff --git a/src/backend/utils/adt/datetime.c b/src/backend/utils/adt/datetime.c index 946adfad997..0d32428e407 100644 --- a/src/backend/utils/adt/datetime.c +++ b/src/backend/utils/adt/datetime.c @@ -89,10 +89,10 @@ const char *const days[] = {"Sunday", "Monday", "Tuesday", "Wednesday", * Note that this table must be strictly alphabetically ordered to allow an * O(ln(N)) search algorithm to be used. * - * The text field is NOT guaranteed to be NULL-terminated. + * The token field is NOT guaranteed to be NULL-terminated. * - * To keep this table reasonably small, we divide the lexval for TZ and DTZ - * entries by 15 (so they are on 15 minute boundaries) and truncate the text + * To keep this table reasonably small, we divide the value for TZ and DTZ + * entries by 15 (so they are on 15 minute boundaries) and truncate the token * field at TOKMAXLEN characters. * Formerly, we divided by 10 rather than 15 but there are a few time zones * which are 30 or 45 minutes away from an even hour, most are on an hour @@ -107,7 +107,7 @@ static datetkn *timezonetktbl = NULL; static int sztimezonetktbl = 0; static const datetkn datetktbl[] = { -/* text, token, lexval */ + /* token, type, value */ {EARLY, RESERV, DTK_EARLY}, /* "-infinity" reserved for "early time" */ {DA_D, ADBC, AD}, /* "ad" for years > 0 */ {"allballs", RESERV, DTK_ZULU}, /* 00:00:00 */ @@ -187,7 +187,7 @@ static const datetkn datetktbl[] = { static int szdatetktbl = sizeof datetktbl / sizeof datetktbl[0]; static const datetkn deltatktbl[] = { - /* text, token, lexval */ + /* token, type, value */ {"@", IGNORE_DTF, 0}, /* postgres relative prefix */ {DAGO, AGO, 0}, /* "ago" indicates negative time offset */ {"c", UNITS, DTK_CENTURY}, /* "century" relative */ @@ -4215,6 +4215,7 @@ ConvertTimeZoneAbbrevs(TimeZoneAbbrevTable *tbl, tbl->numabbrevs = n; for (i = 0; i < n; i++) { + /* do NOT use strlcpy here; token field need not be null-terminated */ strncpy(newtbl[i].token, abbrevs[i].abbrev, TOKMAXLEN); newtbl[i].type = abbrevs[i].is_dst ? DTZ : TZ; TOVAL(&newtbl[i], abbrevs[i].offset / MINS_PER_HOUR); diff --git a/src/bin/initdb/findtimezone.c b/src/bin/initdb/findtimezone.c index 0d28185f3cd..bc1f2c2c973 100644 --- a/src/bin/initdb/findtimezone.c +++ b/src/bin/initdb/findtimezone.c @@ -68,7 +68,7 @@ pg_open_tzfile(const char *name, char *canonname) if (canonname) strlcpy(canonname, name, TZ_STRLEN_MAX + 1); - strcpy(fullname, pg_TZDIR()); + strlcpy(fullname, pg_TZDIR(), sizeof(fullname)); if (strlen(fullname) + 1 + strlen(name) >= MAXPGPATH) return -1; /* not gonna fit */ strcat(fullname, "/"); @@ -375,7 +375,7 @@ identify_system_timezone(void) } /* Search for the best-matching timezone file */ - strcpy(tmptzdir, pg_TZDIR()); + strlcpy(tmptzdir, pg_TZDIR(), sizeof(tmptzdir)); bestscore = -1; resultbuf[0] = '\0'; scan_available_timezones(tmptzdir, tmptzdir + strlen(tmptzdir) + 1, diff --git a/src/bin/pg_basebackup/pg_basebackup.c b/src/bin/pg_basebackup/pg_basebackup.c index b5682d6f511..3d155e8907c 100644 --- a/src/bin/pg_basebackup/pg_basebackup.c +++ b/src/bin/pg_basebackup/pg_basebackup.c @@ -921,9 +921,9 @@ ReceiveAndUnpackTarFile(PGconn *conn, PGresult *res, int rownum) FILE *file = NULL; if (basetablespace) - strcpy(current_path, basedir); + strlcpy(current_path, basedir, sizeof(current_path)); else - strcpy(current_path, PQgetvalue(res, rownum, 1)); + strlcpy(current_path, PQgetvalue(res, rownum, 1), sizeof(current_path)); /* * Get the COPY data @@ -1454,7 +1454,7 @@ BaseBackup(void) disconnect_and_exit(1); } - strcpy(xlogstart, PQgetvalue(res, 0, 0)); + strlcpy(xlogstart, PQgetvalue(res, 0, 0), sizeof(xlogstart)); /* * 9.3 and later sends the TLI of the starting point. With older servers, @@ -1565,7 +1565,7 @@ BaseBackup(void) progname); disconnect_and_exit(1); } - strcpy(xlogend, PQgetvalue(res, 0, 0)); + strlcpy(xlogend, PQgetvalue(res, 0, 0), sizeof(xlogend)); if (verbose && includewal) fprintf(stderr, "transaction log end point: %s\n", xlogend); PQclear(res); diff --git a/src/common/exec.c b/src/common/exec.c index 4aadfd7fd01..037bef2210c 100644 --- a/src/common/exec.c +++ b/src/common/exec.c @@ -68,7 +68,7 @@ validate_exec(const char *path) if (strlen(path) >= strlen(".exe") && pg_strcasecmp(path + strlen(path) - strlen(".exe"), ".exe") != 0) { - strcpy(path_exe, path); + strlcpy(path_exe, path, sizeof(path_exe) - 4); strcat(path_exe, ".exe"); path = path_exe; } @@ -277,7 +277,7 @@ resolve_symlinks(char *path) } /* must copy final component out of 'path' temporarily */ - strcpy(link_buf, fname); + strlcpy(link_buf, fname, sizeof(link_buf)); if (!getcwd(path, MAXPGPATH)) { diff --git a/src/interfaces/ecpg/preproc/pgc.l b/src/interfaces/ecpg/preproc/pgc.l index 3bd63b353d0..744a8d3a022 100644 --- a/src/interfaces/ecpg/preproc/pgc.l +++ b/src/interfaces/ecpg/preproc/pgc.l @@ -1334,7 +1334,7 @@ parse_include(void) yytext[i] = '\0'; memmove(yytext, yytext+1, strlen(yytext)); - strncpy(inc_file, yytext, sizeof(inc_file)); + strlcpy(inc_file, yytext, sizeof(inc_file)); yyin = fopen(inc_file, "r"); if (!yyin) { diff --git a/src/interfaces/libpq/fe-protocol2.c b/src/interfaces/libpq/fe-protocol2.c index fe7f8b8d2b3..f3fddaa0364 100644 --- a/src/interfaces/libpq/fe-protocol2.c +++ b/src/interfaces/libpq/fe-protocol2.c @@ -500,7 +500,7 @@ pqParseInput2(PGconn *conn) if (!conn->result) return; } - strncpy(conn->result->cmdStatus, conn->workBuffer.data, + strlcpy(conn->result->cmdStatus, conn->workBuffer.data, CMDSTATUS_LEN); checkXactStatus(conn, conn->workBuffer.data); conn->asyncStatus = PGASYNC_READY; diff --git a/src/interfaces/libpq/fe-protocol3.c b/src/interfaces/libpq/fe-protocol3.c index e2ba8d651f4..47cd7f487f0 100644 --- a/src/interfaces/libpq/fe-protocol3.c +++ b/src/interfaces/libpq/fe-protocol3.c @@ -206,7 +206,7 @@ pqParseInput3(PGconn *conn) if (!conn->result) return; } - strncpy(conn->result->cmdStatus, conn->workBuffer.data, + strlcpy(conn->result->cmdStatus, conn->workBuffer.data, CMDSTATUS_LEN); conn->asyncStatus = PGASYNC_READY; break; diff --git a/src/test/regress/pg_regress.c b/src/test/regress/pg_regress.c index 9bc19eaddc4..3a492449fb9 100644 --- a/src/test/regress/pg_regress.c +++ b/src/test/regress/pg_regress.c @@ -1221,7 +1221,7 @@ results_differ(const char *testname, const char *resultsfile, const char *defaul */ platform_expectfile = get_expectfile(testname, resultsfile); - strcpy(expectfile, default_expectfile); + strlcpy(expectfile, default_expectfile, sizeof(expectfile)); if (platform_expectfile) { /* @@ -1276,7 +1276,7 @@ results_differ(const char *testname, const char *resultsfile, const char *defaul { /* This diff was a better match than the last one */ best_line_count = l; - strcpy(best_expect_file, alt_expectfile); + strlcpy(best_expect_file, alt_expectfile, sizeof(best_expect_file)); } free(alt_expectfile); } @@ -1304,7 +1304,7 @@ results_differ(const char *testname, const char *resultsfile, const char *defaul { /* This diff was a better match than the last one */ best_line_count = l; - strcpy(best_expect_file, default_expectfile); + strlcpy(best_expect_file, default_expectfile, sizeof(best_expect_file)); } } diff --git a/src/timezone/pgtz.c b/src/timezone/pgtz.c index 8a3c53f27ac..3c161df15af 100644 --- a/src/timezone/pgtz.c +++ b/src/timezone/pgtz.c @@ -83,7 +83,7 @@ pg_open_tzfile(const char *name, char *canonname) * Loop to split the given name into directory levels; for each level, * search using scan_directory_ci(). */ - strcpy(fullname, pg_TZDIR()); + strlcpy(fullname, pg_TZDIR(), sizeof(fullname)); orignamelen = fullnamelen = strlen(fullname); fname = name; for (;;) |