← Back to branch summary

~ubuntu-branches/ubuntu/utopic/postgresql-9.4/utopic-security

« back to all changes in this revision

Viewing changes to src/backend/executor/execUtils.c

  • Committer: Package Import Robot
  • Author(s): Martin Pitt, CVE-2014-8161
  • Date: 2015-02-06 12:31:46 UTC
  • mfrom: (1.1.5) (7.1.2 utopic-proposed)
  • Revision ID: package-import@ubuntu.com-20150206123146-vtmf30jbkm7w16p8
Tags: 9.4.1-0ubuntu0.14.10
https://launchpad.net/bugs/1418928
* New upstream security/bug fix release (LP: #1418928)
  - Fix buffer overruns in to_char() [CVE-2015-0241]
  - Fix buffer overruns in contrib/pgcrypto [CVE-2015-0243]
  - Fix possible loss of frontend/backend protocol synchronization after an
    error [CVE-2015-0244]
  - Fix information leak via constraint-violation error messages
    [CVE-2014-8161]
  - See release notes for details about other fixes:
    http://www.postgresql.org/about/news/1569/

Show diffs side-by-side

added added

removed removed

Lines of Context:
src/backend/executor/execUtils.c
1323
1323
                                        (errcode(ERRCODE_EXCLUSION_VIOLATION),
1324
1324
                                         errmsg("could not create exclusion constraint \"%s\"",
1325
1325
                                                        RelationGetRelationName(index)),
1326
 
                                         errdetail("Key %s conflicts with key %s.",
1327
 
                                                           error_new, error_existing),
 
1326
                                         error_new && error_existing ?
 
1327
                                                errdetail("Key %s conflicts with key %s.",
 
1328
                                                                  error_new, error_existing) :
 
1329
                                                errdetail("Key conflicts exist."),
1328
1330
                                         errtableconstraint(heap,
1329
1331
                                                                                RelationGetRelationName(index))));
1330
1332
                else
1332
1334
                                        (errcode(ERRCODE_EXCLUSION_VIOLATION),
1333
1335
                                         errmsg("conflicting key value violates exclusion constraint \"%s\"",
1334
1336
                                                        RelationGetRelationName(index)),
1335
 
                                         errdetail("Key %s conflicts with existing key %s.",
1336
 
                                                           error_new, error_existing),
 
1337
                                         error_new && error_existing ?
 
1338
                                                errdetail("Key %s conflicts with existing key %s.",
 
1339
                                                                  error_new, error_existing) :
 
1340
                                                errdetail("Key conflicts with existing key."),
1337
1341
                                         errtableconstraint(heap,
1338
1342
                                                                                RelationGetRelationName(index))));
1339
1343
        }