| Age | Commit message (Collapse) | Author |
|---|
|
failed to cover all the ways in which a connection can be initiated in dblink.
Plug the remaining holes. Also, disallow transient connections in functions
for which that feature makes no sense (because they are only sensible as
part of a sequence of operations on the same connection). Joe Conway
Security: CVE-2007-6601
|
|
test of that.
Patch by Bruce Momjian <bruce@momjian.us>
|
|
per suggestion from Tom Lane. This fixes crash-bug reported by Stefan
Schwarzer.
|
|
which is the case at least on some Solaris versions. Marko Kreen
|
|
function didn't return correct result for word position greate than
limit.
Per report from Stuart Bishop <stuart@stuartbishop.net>
|
|
contrib/intarray's GIN opclass override the built-in default. Per bug #3048
and other complaints.
|
|
|
|
Per Daniele Varrazzo <piro@develer.com> bug report.
|
|
really a glaring security hole is bt_page_items, there's not a very good
use-case for letting ordinary users use 'em, either.
|
|
padded encryption scheme. Formerly it would try to access res[(unsigned) -1],
which resulted in core dumps on 64-bit machines, and was certainly trouble
waiting to happen on 32-bit machines (though in at least the known case
it was harmless because that byte would be overwritten after return).
Per report from Ken Colson; fix by Marko Kreen.
|
|
|
|
a warning but was outright wrong.
|
|
to prevent possible escalation of privilege. Provide new SECURITY
DEFINER functions with old behavior, but initially REVOKE ALL
from public for these functions. Per list discussion and design
proposed by Tom Lane.
|
|
Per report from Listmail <lists@peufeu.com>
|
|
sizeof(wchar_t) = 2 instead of 4.
|
|
reported in some cases. Report and patch from Tatsuhito Kasahara.
Also fix a couple of other bugs I noticed in skimming the surrounding code.
|
|
fix it. Add macroses DatumGetNDBOX, PG_GETARG_NDBOX and PG_RETURN_NDBOX.
Backpatch for 8.2 too.
Previous versions use version 0 calling conventions. And fmgr code detoast
values for user-defined functions.
|
|
Per report from Jon Rosebaugh <jon@inklesspen.com>
|
|
Slightly reworked patch from Tatsuo Ishii
|
|
Call srandom() instead of srand().
pgbench calls random() later, so it should have called srandom().
On most platforms except Windows srandom() is actually identical
to srand(), so the bug only bites Windows users.
per bug report from Akio Ishida.
|
|
the 8.1 SQL function definition for it. Per report from Rajesh Kumar Mallah,
such a DBA error doesn't seem at all improbable, and the cost of checking for
it is not very high compared to the cost of running this function. (It would
have been better to change the C name of the function so it wouldn't be called
by the old SQL definition, but it's too late for that now in the 8.2 branch.)
|
|
|
|
|
|
Previous versions aren't affected.
Fix synonym dictionary init: string should be malloc'ed, not palloc'ed. Bug
introduced recently while fixing lowerstr().
|
|
commutator operators, and mark hash-opclass members as oprcanhash.
This is a pretty ugly, brute-force solution, but it seems that getting
rid of all these redundant-looking operators would require some tweaks
in the core operator-resolution code to behave nicely, and I'm not
willing to risk that just before RC1.
|
|
|
|
|
|
|
|
Fix string's length calculation for recoding, fix strlower() to avoid wrong
assumption about length of recoded string (was: recoded string is no greater
that source, it may not true for multibyte encodings)
Thanks to Thomas H. <me@alternize.com> and Magnus Hagander <mha@sollentuna.net>
|
|
for NULL-ness of function arguments is wasted code.
|
|
|
|
|
|
the backend should rely on its working-directory setting instead.
Also do some message-style police work in contrib/adminpack.
|
|
|
|
|
|
scenarios. With multiple clinets, only the first client got the right
scaling factor and this gave a illusion of better performance in case
of the scaling factor greater than 1.
|
|
and avoid scribbling on its result (might be safe but why risk it)
|
|
|
|
instead of inserting an MSVC dependency.
|
|
|
|
be NULL ... seems an unsafe assumption.
|
|
from Magnus that MSVC complains about this.
|
|
|
|
per Magnus.
|
|
'exist' and 'defined' accordingly. Old names
are saved not mentioned in docs - for compatibility
with old applications.
Per discussion
http://archives.postgresql.org/pgsql-hackers/2006-10/msg00571.php
|
|
max_stack_depth is not set to an unsafe value.
This commit also provides configure-time checking for <sys/resource.h>,
and cleans up some perhaps-unportable code associated with use of that
include file and getrlimit().
|
|
static variables. This avoids any risk of potential non-reentrancy,
and in particular offers a much cleaner workaround for the Intel compiler
bug that was affecting ginutil.c.
|
|
provide the bad input, and be sure to mention that we are talking about
a tsearch query.
|
|
|
|
Robert Treat
|
