Participants
Bruno Wolff III
Bruno Wolff III
Tom Lane
Tom Lane
Attachments
Show all attachments
Thread Outline
#1Bruno Wolff IIIBruno Wolff III
Aug 18, 2002
#2Tom LaneTom Laneto Bruno Wolff III (#1)
Aug 18, 2002

cube output function can overrun its buffer

Started by Bruno Wolff IIIover 23 years ago2 messagesbugs
Jump to latest
#1Bruno Wolff III
Bruno Wolff III
bruno@wolff.to

In cube_out 100 bytes are allocated to hold the output string. Instead
using a bound on the size of g format output and separation characters,
this bound times twice the dimension (possibly plus a small constant for
parens and terminating 0 byte) should be used.

With this approach you might want to add specific precision specification
in case the default precision in glibc changes in the future.

#2Tom Lane
Tom Lane
tgl@sss.pgh.pa.us
In reply to: Bruno Wolff III (#1)
Re: cube output function can overrun its buffer

Bruno Wolff III <bruno@wolff.to> writes:

In cube_out 100 bytes are allocated to hold the output string.

Good point.

Instead
using a bound on the size of g format output and separation characters,
this bound times twice the dimension (possibly plus a small constant for
parens and terminating 0 byte) should be used.

I made it use an expandable buffer, instead. Much less fragile...

regards, tom lane

← Back to Topics