From df2c740c94f255077848fdef69df47630273feac Mon Sep 17 00:00:00 2001 From: Tom Lane Date: Sun, 12 Feb 2006 22:33:14 +0000 Subject: Fix bug in SET SESSION AUTHORIZATION that allows unprivileged users to crash the server, if it has been compiled with Asserts enabled (CVE-2006-0553). Thanks to Akio Ishida for reporting this problem. --- src/backend/commands/variable.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'src/backend/commands/variable.c') diff --git a/src/backend/commands/variable.c b/src/backend/commands/variable.c index 30173e4cabd..b1d970b9ab0 100644 --- a/src/backend/commands/variable.c +++ b/src/backend/commands/variable.c @@ -9,7 +9,7 @@ * * * IDENTIFICATION - * $PostgreSQL: pgsql/src/backend/commands/variable.c,v 1.105.4.2 2005/08/08 23:39:14 tgl Exp $ + * $PostgreSQL: pgsql/src/backend/commands/variable.c,v 1.105.4.3 2006/02/12 22:33:14 tgl Exp $ * *------------------------------------------------------------------------- */ @@ -619,7 +619,9 @@ assign_client_encoding(const char *value, bool doit, GucSource source) * by the numeric userid, followed by a comma, followed by the user name. * This cannot be confused with a plain user name because of the NAMEDATALEN * limit on names, so we can tell whether we're being passed an initial - * username or a saved/restored value. + * username or a saved/restored value. (NOTE: we rely on guc.c to have + * properly truncated any incoming value, but not to truncate already-stored + * values. See GUC_IS_NAME processing.) */ extern char *session_authorization_string; /* in guc.c */ -- cgit v1.2.3