diff options
Diffstat (limited to 'dev-db/postgresql/files/postgresql-7.4.7-securityfix.patch')
-rw-r--r-- | dev-db/postgresql/files/postgresql-7.4.7-securityfix.patch | 68 |
1 files changed, 0 insertions, 68 deletions
diff --git a/dev-db/postgresql/files/postgresql-7.4.7-securityfix.patch b/dev-db/postgresql/files/postgresql-7.4.7-securityfix.patch deleted file mode 100644 index 1d6bffde056b..000000000000 --- a/dev-db/postgresql/files/postgresql-7.4.7-securityfix.patch +++ /dev/null @@ -1,68 +0,0 @@ ---- pgsql/src/pl/plpgsql/src/gram.y 2005/01/21 00:31:21 1.48.2.1 -+++ pgsql/src/pl/plpgsql/src/gram.y 2005/02/08 18:22:11 1.48.2.3 -@@ -1699,6 +1699,16 @@ read_sql_construct(int until, - } - if (plpgsql_SpaceScanned) - plpgsql_dstring_append(&ds, " "); -+ -+ /* Check for array overflow */ -+ if (nparams >= 1024) -+ { -+ plpgsql_error_lineno = lno; -+ ereport(ERROR, -+ (errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED), -+ errmsg("too many variables specified in SQL statement"))); -+ } -+ - switch (tok) - { - case T_VARIABLE: -@@ -1856,6 +1866,15 @@ make_select_stmt(void) - - while ((tok = yylex()) == ',') - { -+ /* Check for array overflow */ -+ if (nfields >= 1024) -+ { -+ plpgsql_error_lineno = plpgsql_scanner_lineno(); -+ ereport(ERROR, -+ (errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED), -+ errmsg("too many INTO variables specified"))); -+ } -+ - tok = yylex(); - switch(tok) - { -@@ -1906,6 +1925,16 @@ make_select_stmt(void) - - if (plpgsql_SpaceScanned) - plpgsql_dstring_append(&ds, " "); -+ -+ /* Check for array overflow */ -+ if (nparams >= 1024) -+ { -+ plpgsql_error_lineno = plpgsql_scanner_lineno(); -+ ereport(ERROR, -+ (errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED), -+ errmsg("too many variables specified in SQL statement"))); -+ } -+ - switch (tok) - { - case T_VARIABLE: -@@ -1989,6 +2018,15 @@ make_fetch_stmt(void) - - while ((tok = yylex()) == ',') - { -+ /* Check for array overflow */ -+ if (nfields >= 1024) -+ { -+ plpgsql_error_lineno = plpgsql_scanner_lineno(); -+ ereport(ERROR, -+ (errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED), -+ errmsg("too many INTO variables specified"))); -+ } -+ - tok = yylex(); - switch(tok) - { |