← Back to branch summary

~ubuntu-branches/ubuntu/utopic/postgresql-9.4/utopic-security

« back to all changes in this revision

Viewing changes to contrib/fuzzystrmatch/dmetaphone.c

  • Committer: Package Import Robot
  • Author(s): Martin Pitt, CVE-2014-8161
  • Date: 2015-02-06 12:31:46 UTC
  • mfrom: (1.1.5) (7.1.2 utopic-proposed)
  • Revision ID: package-import@ubuntu.com-20150206123146-vtmf30jbkm7w16p8
Tags: 9.4.1-0ubuntu0.14.10
https://launchpad.net/bugs/1418928
* New upstream security/bug fix release (LP: #1418928)
  - Fix buffer overruns in to_char() [CVE-2015-0241]
  - Fix buffer overruns in contrib/pgcrypto [CVE-2015-0243]
  - Fix possible loss of frontend/backend protocol synchronization after an
    error [CVE-2015-0244]
  - Fix information leak via constraint-violation error messages
    [CVE-2014-8161]
  - See release notes for details about other fixes:
    http://www.postgresql.org/about/news/1569/

Show diffs side-by-side

added added

removed removed

Lines of Context:
contrib/fuzzystrmatch/dmetaphone.c
359
359
        {
360
360
                test = va_arg(ap, char *);
361
361
                if (*test && (strncmp(pos, test, length) == 0))
 
362
                {
 
363
                        va_end(ap);
362
364
                        return 1;
 
365
                }
363
366
        }
364
367
        while (strcmp(test, "") != 0);
365
368