Обсуждение: BUG #5101: Off-by-one error in bitncmp() in src/backend/utils/adt/network.c
BUG #5101: Off-by-one error in bitncmp() in src/backend/utils/adt/network.c
От
"Chris Mikkelson"
Дата:
The following bug has been logged online: Bug reference: 5101 Logged by: Chris Mikkelson Email address: cmikk@qwest.net PostgreSQL version: 8.4.1(+earlier) Operating system: all Description: Off-by-one error in bitncmp() in src/backend/utils/adt/network.c Details: When comparing a number of bits divisible by 8, bitncmp() may dereference a pointer one byte out of bounds. The following patch against 8.4.1 incorporates the fix made to bitncmp() in the BIND source tree: *** src/backend/utils/adt/network.c.orig 2009-10-07 12:32:13.000000000 -0500 --- src/backend/utils/adt/network.c 2009-10-07 12:32:45.000000000 -0500 *************** bitncmp(void *l, void *r, int n) *** 972,979 **** b = n / 8; x = memcmp(l, r, b); ! if (x) ! return x; lb = ((const u_char *) l)[b]; rb = ((const u_char *) r)[b]; --- 972,979 ---- b = n / 8; x = memcmp(l, r, b); ! if (x || (n % 8) == 0) ! return (x); lb = ((const u_char *) l)[b]; rb = ((const u_char *) r)[b];
Re: BUG #5101: Off-by-one error in bitncmp() in src/backend/utils/adt/network.c
От
Heikki Linnakangas
Дата:
Chris Mikkelson wrote: > The following bug has been logged online: > > Bug reference: 5101 > Logged by: Chris Mikkelson > Email address: cmikk@qwest.net > PostgreSQL version: 8.4.1(+earlier) > Operating system: all > Description: Off-by-one error in bitncmp() in > src/backend/utils/adt/network.c > Details: > > When comparing a number of bits divisible by 8, bitncmp() may dereference a > pointer one byte out > of bounds. > > The following patch against 8.4.1 incorporates the fix made to bitncmp() in > the BIND source tree: Thanks, applied. -- Heikki Linnakangas EnterpriseDB http://www.enterprisedb.com