| Age | Commit message (Collapse) | Author |
|---|
|
|
|
Back in the day this did not work, but modern compilers should handle it themselves.
|
|
Found and fixed by Andres Freund.
|
|
Patch by Michael Paquier
|
|
|
|
When ecpg was rewritten to the new protocol version not all variable types
were corrected. This patch rewrites the code for these types to fix that. It
also fixes the documentation to correctly tell the status of array handling.
|
|
actually check the returned pointer allocated, potentially NULL which
could be the result of a malloc call.
Issue noted by Coverity, fixed by Michael Paquier <michael@otacoo.com>
|
|
These are fairly obscure cases, but let's keep Coverity happy.
Michael Paquier with some further fixes by me.
|
|
strncpy() has a well-deserved reputation for being unsafe, so make an
effort to get rid of nearly all occurrences in HEAD.
A large fraction of the remaining uses were passing length less than or
equal to the known strlen() of the source, in which case no null-padding
can occur and the behavior is equivalent to memcpy(), though doubtless
slower and certainly harder to reason about. So just use memcpy() in
these cases.
In other cases, use either StrNCpy() or strlcpy() as appropriate (depending
on whether padding to the full length of the destination buffer seems
useful).
I left a few strncpy() calls alone in the src/timezone/ code, to keep it
in sync with upstream (the IANA tzcode distribution). There are also a
few such calls in ecpg that could possibly do with more analysis.
AFAICT, none of these changes are more than cosmetic, except for the four
occurrences in fe-secure-openssl.c, which are in fact buggy: an overlength
source leads to a non-null-terminated destination buffer and ensuing
misbehavior. These don't seem like security issues, first because no stack
clobber is possible and second because if your values of sslcert etc are
coming from untrusted sources then you've got problems way worse than this.
Still, it's undesirable to have unpredictable behavior for overlength
inputs, so back-patch those four changes to all active branches.
|
|
This includes removing tabs after periods in C comments, which was
applied to back branches, so this change should not effect backpatching.
|
|
When array of char * was used as target for a FETCH statement returning more
than one row, it tried to store all the result in the first element. Instead it
should dump array of char pointers with right offset, use the address instead
of the value of the C variable while reading the array and treat such variable
as char **, instead of char * for pointer arithmetic.
Patch by Ashutosh Bapat <ashutosh.bapat@enterprisedb.com>
|
|
A number of issues were identified by the Coverity scanner and are
addressed in this patch. None of these appear to be security issues
and many are mostly cosmetic changes.
Short comments for each of the changes follows.
Correct the semi-colon placement in be-secure.c regarding SSL retries.
Remove a useless comparison-to-NULL in proc.c (value is dereferenced
prior to this check and therefore can't be NULL).
Add checking of chmod() return values to initdb.
Fix a couple minor memory leaks in initdb.
Fix memory leak in pg_ctl- involves free'ing the config file contents.
Use an int to capture fgetc() return instead of an enum in pg_dump.
Fix minor memory leaks in pg_dump.
(note minor change to convertOperatorReference()'s API)
Check fclose()/remove() return codes in psql.
Check fstat(), find_my_exec() return codes in psql.
Various ECPG memory leak fixes.
Check find_my_exec() return in ECPG.
Explicitly ignore pqFlush return in libpq error-path.
Change PQfnumber() to avoid doing an strdup() when no changes required.
Remove a few useless check-against-NULL's (value deref'd beforehand).
Check rmtree(), malloc() results in pg_regress.
Also check get_alternative_expectfile() return in pg_regress.
|
|
Split the rather long ecpg_execute() function into ecpg_build_params(),
ecpg_autostart_transaction(), a smaller ecpg_execute() and
ecpg_process_output(). There is no user-visible change here, only code
reorganization to support future patches.
Author: Zoltán Böszörményi
Reviewed by Antonin Houska. Larger, older versions of this patch were
reviewed by Noah Misch and Michael Meskes.
|
|
This splits ECPGdo() into ecpg_prologue(), ecpg_do() and
ecpg_epilogue(), and renames free_params() into ecpg_free_params() and
exports it. This makes it possible for future code to use these
routines for their own purposes.
There is no user-visible functionality change here, only code
reorganization.
Zoltán Böszörményi
Reviewed by Antonin Houska. Larger, older versions of this patch were
reviewed by Noah Misch and Michael Meskes.
|
|
Patch by Boszormenyi Zoltan <zb@cybertec.at>
|
|
commit-fest.
|
|
found by Coverity
|
|
|
|
Always compare the return value to 0, don't use cute tricks like
if (!strcmp(...)).
|
|
This addresses only those cases that are easy to fix by adding or
moving a const qualifier or removing an unnecessary cast. There are
many more complicated cases remaining.
|
|
Add __attribute__ decorations for printf format checking to the places that
were missing them. Fix the resulting warnings. Add
-Wmissing-format-attribute to the standard set of warnings for GCC, so these
don't happen again.
The warning fixes here are relatively harmless. The one serious problem
discovered by this was already committed earlier in
cf15fb5cabfbc71e07be23cfbc813daee6c5014f.
|
|
|
|
fit PostgreSQL style.
|
|
|
|
Patch originally by Akira Kurosawa <kurosawa-akira@mxc.nes.nec.co.jp>.
|
|
|
|
instead."
This reverts commit 9b1508af8971c1627cda5bb65f5e9eddb9a1a55e.
As requested by Tom.
|
|
|
|
ecpglib. Instead of parsing the statement just as ask the database server. This
patch removes the whole client side track keeping of the current transaction
status.
|
|
|
|
|
|
'AC_TYPE_LONG_LONG_INT' macro call.
|
|
used to cover the equally long "long long" type. This patch closes bug #5464.
|
|
|
|
By Zoltán Böszörményi
|
|
fixing yet another incorrect log output.
|
|
machines are all rejecting isinf() calls in this file.
|
|
making it OS independant.
Patch done by Zoltán Böszörményi.
|
|
reverse yes and no.
|
|
auto-prepare mode if the connection is closed and re-opened and the previously prepared query is issued again.
|
|
ecpg in both native and compatiblity mode.
|
|
|
|
based on a patch send in by Böszörményi Zoltán <zb@cybertec.at>.
|
|
provided by Andrew.
|
|
|
|
|
|
|
|
|
|
|
|
Replace leftover instances of _() by ecpg_gettext(), the latter being the
correct way to refer to the library's message catalog, instead of the one of
the program using the library.
Drop NLS support for ecpg_log(), which is a debugging instrument similar to
elog() in the backend.
We cannot support NLS in the ecpg compatlib, because that requires
ecpg_gettext, which is in ecpglib, which is not a dependency of compatlib. It
doesn't seem worthwhile to worry about this, since the only translatable
string is "out of memory", and gettext probably won't be able to do much
without memory either.
Adjust messages to project style.
|
