Обсуждение: Buffer overuns with the Electric fence debugging library
Hi everybody, The electricfence library is a tool which helps us to detect buffer overruns in C programs. Linking Postgresql with this library gives at least 3 errors I have found until now. The errors manifest themselves in sql statements like: 1. create table test(f1 int); This one allways fails. 2. select * from pg_shadow Only some tables give errors so the problem seems to be related to the type/alignment of fields in the tables. The errors are all found in the DataFill function called from heap_from_tuple. I'm using a snapshot version of postgresql downloaded around the release date 6.3. This all is on Linux (Redhat 4.0) with Electric Fence version 2.0.5. Do you guys feel comfortable with a database which has reproducible buffer overuns? I think it would be great is somebody who has more experience with postgresql than I were to look at this. I am now going to do some work which I actually get paid to do! With regards from Maurice.
> > Hi everybody, > > The electricfence library is a tool which helps us to detect > buffer overruns in C programs. > > Linking Postgresql with this library gives at least 3 errors I have found > until now. > > The errors manifest themselves in sql statements like: > 1. create table test(f1 int); > This one allways fails. > 2. select * from pg_shadow > Only some tables give errors so the problem seems to be related > to the type/alignment of fields in the tables. > > The errors are all found in the DataFill function called from > heap_from_tuple. > > I'm using a snapshot version of postgresql downloaded around > the release date 6.3. > > This all is on Linux (Redhat 4.0) with Electric Fence version 2.0.5. > > Do you guys feel comfortable with a database which has reproducible > buffer overuns? > > I think it would be great is somebody who has more experience with > postgresql than I were to look at this. > > I am now going to do some work which I actually get paid to do! > > With regards from Maurice. > > > > Can you send us the lines that cause the problem? I will look at them. I have electric fence here on BSDI, but it really takes some time to run. -- Bruce Momjian | 830 Blythe Avenue maillist@candle.pha.pa.us | Drexel Hill, Pennsylvania 19026 + If your life is a hard drive, | (610) 353-9879(w) + Christ can be your backup. | (610) 853-3000(h)
On Wed, 18 Mar 1998, Maurice Gittens wrote: > Do you guys feel comfortable with a database which has reproducible > buffer overuns? Nope, but only a very few ppl appear to have the software to detect them, and with the size of the code base for this, we sort of rely on those with those tools to help out... Efforts you can provide in this area would be much appreciated, even if only insofar as providing points to sections of code that should be checked... Marc G. Fournier Systems Administrator @ hub.org primary: scrappy@hub.org secondary: scrappy@{freebsd|postgresql}.org
Re: [HACKERS] Buffer overuns with the Electric fence debugging library
От
dg@illustra.com (David Gould)
Дата:
Marc G. Fournier writes: > On Wed, 18 Mar 1998, Maurice Gittens wrote: > > > Do you guys feel comfortable with a database which has reproducible > > buffer overuns? > > Nope, but only a very few ppl appear to have the software to > detect them, and with the size of the code base for this, we sort of rely > on those with those tools to help out... > > Efforts you can provide in this area would be much appreciated, > even if only insofar as providing points to sections of code that should > be checked... I agree with Marcs comments here, but would like to add that ElectricFence is freely available at least on Linux systems. It is a long way from Purify, but it beats sitting around scratching your head. -dg David Gould dg@illustra.com 510.628.3783 or 510.305.9468 Informix Software (No, really) 300 Lakeside Drive Oakland, CA 94612 - I realize now that irony has no place in business communications.
On Wed, 18 Mar 1998, David Gould wrote: > I agree with Marcs comments here, but would like to add that ElectricFence is > freely available at least on Linux systems. It is a long way from Purify, > but it beats sitting around scratching your head. URL for the software? I'd like to see if they at least have a FreeBSD port that I can use :) Marc G. Fournier Systems Administrator @ hub.org primary: scrappy@hub.org secondary: scrappy@{freebsd|postgresql}.org
Re: [HACKERS] Buffer overuns with the Electric fence debugging library
От
dg@illustra.com (David Gould)
Дата:
> > On Wed, 18 Mar 1998, David Gould wrote: > > > I agree with Marcs comments here, but would like to add that ElectricFence is > > freely available at least on Linux systems. It is a long way from Purify, > > but it beats sitting around scratching your head. > > URL for the software? I'd like to see if they at least have a > FreeBSD port that I can use :) I just got it off the CD myself, but I ftp.redhat.com has it in the redhat 5.0 distribution area. Look in the SRPMS for: ElectricFence-2.0.5-5.src.rpm Or, if you don't have rpm, AltaVista turned up some bsd entries too. -dg David Gould dg@illustra.com 510.628.3783 or 510.305.9468 Informix Software (No, really) 300 Lakeside Drive Oakland, CA 94612 - I realize now that irony has no place in business communications.