[PATCH] Fix off-by-one in PQprintTuples()

Started by Xi Wang almost 13 years ago, 3 messages
#1 Xi Wang
xi.wang@gmail.com

Don't write past the end of tborder; the size is width + 1.
---
src/interfaces/libpq/fe-print.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/interfaces/libpq/fe-print.c b/src/interfaces/libpq/fe-print.c
index 076e1cc..7ed489a 100644
--- a/src/interfaces/libpq/fe-print.c
+++ b/src/interfaces/libpq/fe-print.c
@@ -706,7 +706,7 @@ PQprintTuples(const PGresult *res,
 				fprintf(stderr, libpq_gettext("out of memory\n"));
 				abort();
 			}
-			for (i = 0; i <= width; i++)
+			for (i = 0; i < width; i++)
 				tborder[i] = '-';
 			tborder[i] = '\0';
 			fprintf(fout, "%s\n", tborder);
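
Review bot: the terminator after the loop, tborder[i] = '\0';, still takes its index from the loop's exit value of i, so its safety depends entirely on the loop condition; under the old `i <= width` bound the dashes filled indices 0 through width and this line then wrote at width + 1, one byte past the width + 1 buffer named in the commit message. Writing it as tborder[width] = '\0'; would tie the index to the allocation size instead of the loop, and a short comment stating that the buffer holds width dashes plus the terminating NUL would help, since the allocation itself is not visible in this hunk.
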
-- 
1.7.10.4

--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers

#2 Stephen Frost
sfrost@snowman.net
In reply to: Xi Wang (#1)
Re: [PATCH] Fix off-by-one in PQprintTuples()

* Xi Wang (xi.wang@gmail.com) wrote:

> Don't write past the end of tborder; the size is width + 1.

This whole block of code is woefully without any comments. :(

Strictly speaking, it's this:

tborder[i] = '\0';

Which ends up writing past the end of the buffer (which is allocated as
'width + 1'). Perhaps we should also change that to be:

tborder[width] = '\0';

Thanks,

Stephen

#3 Tom Lane
tgl@sss.pgh.pa.us
In reply to: Stephen Frost (#2)
Re: [PATCH] Fix off-by-one in PQprintTuples()

Stephen Frost <sfrost@snowman.net> writes:

> Strictly speaking, it's this:
>
> tborder[i] = '\0';
>
> Which ends up writing past the end of the buffer (which is allocated as
> 'width + 1'). Perhaps we should also change that to be:
>
> tborder[width] = '\0';

Yeah, I like that better too. Will commit.

regards, tom lane
