~ubuntu-branches/ubuntu/oneiric/postgresql-9.1/oneiric-security


Viewing changes to src/bin/initdb/initdb.c

  • Committer: Package Import Robot
  • Author(s): Martin Pitt
  • Date: 2013-02-05 18:13:52 UTC
  • mfrom: (1.1.10) (10.1.5 oneiric-proposed)
  • Revision ID: package-import@ubuntu.com-20130205181352-3kw4f94ilqklzm7c
Tags: 9.1.8-0ubuntu11.10
* New upstream security/bug fix release: (LP: #1116336)
  - Prevent execution of enum_recv from SQL
    The function was misdeclared, allowing a simple SQL command to crash the
    server.  In principle an attacker might be able to use it to examine the
    contents of server memory.  Our thanks to Sumit Soni (via Secunia SVCRP)
    for reporting this issue. (CVE-2013-0255)
  - See HISTORY/changelog.gz for the other bug fixes.

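--- a/src/bin/initdb/initdb.c
+++ b/src/bin/initdb/initdb.c
@@ -373,6 +373,7 @@
         int                     maxlength = 1,
                                 linelen = 0;
         int                     nlines = 0;
+        int                     n;
         char      **result;
         char       *buffer;
         int                     c;
@@ -410,13 +411,13 @@
 
         /* now reprocess the file and store the lines */
         rewind(infile);
-        nlines = 0;
-        while (fgets(buffer, maxlength + 1, infile) != NULL)
-                result[nlines++] = xstrdup(buffer);
+        n = 0;
+        while (fgets(buffer, maxlength + 1, infile) != NULL && n < nlines)
+                result[n++] = xstrdup(buffer);
 
         fclose(infile);
         free(buffer);
-        result[nlines] = NULL;
+        result[n] = NULL;
 
         return result;
 }
@@ -2654,7 +2655,7 @@
         if (optind < argc)
         {
                 fprintf(stderr, _("%s: too many command-line arguments (first is \"%s\")\n"),
-                                progname, argv[optind + 1]);
+                                progname, argv[optind]);
                 fprintf(stderr, _("Try \"%s --help\" for more information.\n"),
                                 progname);
                 exit(1);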
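Review bot: The added bound `n < nlines` in the second-pass loop (new lines 414-416) carries no comment saying that it guards against the file changing between the two passes, so a later cleanup could drop it as redundant. A comment above the loop such as `/* the file may have changed since the first pass; never store more than nlines entries */` would record the reason. The bound keeps the stores inside `result`, whose allocation is outside the visible lines (presumably sized from the first-pass count), but a changed file is still accepted silently: extra lines are dropped, and a line longer than `maxlength` would be split by fgets across entries. Testing the bound first, `while (n < nlines && fgets(buffer, maxlength + 1, infile) != NULL)`, would also avoid reading one line that is then discarded. The enclosing function starts outside the hunk.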