From 9c89540227221ee9001868542fa9f8e5bdceae53 Mon Sep 17 00:00:00 2001 From: Palle Girgensohn Date: Sat, 19 Feb 2005 12:07:46 +0000 Subject: Fix security alert using a patch from PostgreSQL's CVS repository: Prevent overrunning a heap-allocated buffer if more than 1024 parameters to a refcursor declaration are specified. This is a minimally-invasive fix for the buffer overrun. Define LATEST_LINK to avoid package name clashes between the different branches of PostgreSQL. [1] (Since postgresql-tcltk is hardwired to branch 7.4, keep its LATEST_LINK to a generic value.) Set UNIQUENAME and let it be the same for server & client, so each branch's ports will share the same options file. This adds some no-op knobs to the -client port, but IMO it is better this way. Add space inside paranthesis in OSVERSION conditional to work around (ancient) make bug. [2] Remove the Rendez-Vouz knob for 8.0 since I can't find the software needed to even compile it on FreeBSD. Bump portrevision (for -server only). Noted by: kris [1] PR: ports/77530 [2] Security: http://www.vuxml.org/freebsd/6b4b0b3f-8127-11d9-a9e7-0001020eed82.html Approved by: seanc (mentor) --- .../files/patch-src-pl-plpgsql-src-gram-y | 77 ++++++++++++++++++++++ 1 file changed, 77 insertions(+) create mode 100644 databases/postgresql74-server/files/patch-src-pl-plpgsql-src-gram-y (limited to 'databases/postgresql74-server/files') diff --git a/databases/postgresql74-server/files/patch-src-pl-plpgsql-src-gram-y b/databases/postgresql74-server/files/patch-src-pl-plpgsql-src-gram-y new file mode 100644 index 000000000000..053c44d5baf8 --- /dev/null +++ b/databases/postgresql74-server/files/patch-src-pl-plpgsql-src-gram-y @@ -0,0 +1,77 @@ +--- src/pl/plpgsql/src/gram.y 2005/01/21 00:31:21 1.48.2.1 REL7_4_7 ++++ src/pl/plpgsql/src/gram.y 2005/02/08 18:22:11 1.48.2.3 REL7_4_STABLE +@@ -4,7 +4,7 @@ + * procedural language + * + * IDENTIFICATION +- * $Header: /cvsroot/pgsql/src/pl/plpgsql/src/gram.y,v 1.48.2.1 2005/01/21 00:31:21 neilc Exp $ ++ * $Header: /cvsroot/pgsql/src/pl/plpgsql/src/gram.y,v 1.48.2.3 2005/02/08 18:22:11 tgl Exp $ + * + * This software is copyrighted by Jan Wieck - Hamburg. + * +@@ -1699,6 +1699,16 @@ read_sql_construct(int until, + } + if (plpgsql_SpaceScanned) + plpgsql_dstring_append(&ds, " "); ++ ++ /* Check for array overflow */ ++ if (nparams >= 1024) ++ { ++ plpgsql_error_lineno = lno; ++ ereport(ERROR, ++ (errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED), ++ errmsg("too many variables specified in SQL statement"))); ++ } ++ + switch (tok) + { + case T_VARIABLE: +@@ -1856,6 +1866,15 @@ make_select_stmt(void) + + while ((tok = yylex()) == ',') + { ++ /* Check for array overflow */ ++ if (nfields >= 1024) ++ { ++ plpgsql_error_lineno = plpgsql_scanner_lineno(); ++ ereport(ERROR, ++ (errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED), ++ errmsg("too many INTO variables specified"))); ++ } ++ + tok = yylex(); + switch(tok) + { +@@ -1906,6 +1925,16 @@ make_select_stmt(void) + + if (plpgsql_SpaceScanned) + plpgsql_dstring_append(&ds, " "); ++ ++ /* Check for array overflow */ ++ if (nparams >= 1024) ++ { ++ plpgsql_error_lineno = plpgsql_scanner_lineno(); ++ ereport(ERROR, ++ (errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED), ++ errmsg("too many variables specified in SQL statement"))); ++ } ++ + switch (tok) + { + case T_VARIABLE: +@@ -1989,6 +2018,15 @@ make_fetch_stmt(void) + + while ((tok = yylex()) == ',') + { ++ /* Check for array overflow */ ++ if (nfields >= 1024) ++ { ++ plpgsql_error_lineno = plpgsql_scanner_lineno(); ++ ereport(ERROR, ++ (errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED), ++ errmsg("too many INTO variables specified"))); ++ } ++ + tok = yylex(); + switch(tok) + { -- cgit v1.2.3