db/pgbackrest
1
0
Fork 0
mirror of https://github.com/pgbackrest/pgbackrest.git synced 2025-07-03 00:26:59 +02:00
Code Issues Releases Activity

Fix potential buffer overrun in error message handling.

Browse Source 
Reported by Lætitia.
This commit is contained in:
David Steele
2018-05-21 08:06:31 -04:00
parent 72a9684d4e
commit e69d5fbf62
3 changed files with 18 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
doc/xml/release.xml
View File

@ -14,6 +14,16 @@
<release-list>
<release date="XXXX-XX-XX" version="2.03dev" title="UNDER DEVELOPMENT">
<release-core-list>
<release-bug-list>
<release-item>
<release-item-contributor-list>
<release-item-ideator id="loxo.lætitia"/>
</release-item-contributor-list>
<p>Fix potential buffer overrun in error message handling.</p>
</release-item>
</release-bug-list>
<release-improvement-list>
<release-item>
<release-item-contributor-list>

4
src/common/error.c
View File

@ -387,7 +387,9 @@ errorInternalThrow(const ErrorType *errorType, const char *fileName, const char
errorContext.error.fileLine = fileLine;
// Assign message to the error
strcpy(messageBuffer, message);
strncpy(messageBuffer, message, sizeof(messageBuffer));
messageBuffer[sizeof(messageBuffer) - 1] = 0;
errorContext.error.message = (const char *)messageBuffer;
// Generate the stack trace for the error

6
test/src/module/common/errorTest.c
View File

@ -122,7 +122,10 @@ testRun()
assert(errorTryDepth() == 4);
tryDone = true;
THROW(AssertError, BOGUS_STR);
char bigMessage[sizeof(messageBuffer) * 32];
memset(bigMessage, 'A', sizeof(bigMessage));
THROW(AssertError, bigMessage);
}
TRY_END();
}
@ -151,6 +154,7 @@ testRun()
{
assert(errorTryDepth() == 1);
assert(errorContext.tryList[1].state == errorStateCatch);
assert(strlen(errorMessage()) == sizeof(messageBuffer) - 1);
catchDone = true;
}