"show pool_status", "pgpool show" and pcp_pool_status could cause a
buffer overflow error. If backend_flag is set to "ALWAYS_PRIMARY",
pool_flag_to_str(), which is responsible to produce printable format
of backend_flag, wrote data past to the end of static buffer.
Author: Tatsuo Ishii <ishii@postgresql.org>
Reported-by: zam bak <zam6ak@gmail.com>
Reviewed-by: Bo Peng <pengbo@sraoss.co.jp>
Discussion: https://www.postgresql.org/message-id/
20251202.140205.
427777414210613577.ishii%40postgresql.org
Backpatch-through: v4.3
* pgpool: a language independent connection pool server for PostgreSQL
* written by Tatsuo Ishii
*
- * Copyright (c) 2003-2024 PgPool Global Development Group
+ * Copyright (c) 2003-2025 PgPool Global Development Group
*
* Permission to use, copy, modify, and distribute this software and
* its documentation for any purpose and without fee is hereby
if (*buf == '\0')
snprintf(buf, sizeof(buf), "ALWAYS_PRIMARY");
else
- snprintf(buf+strlen(buf), sizeof(buf), "|ALWAYS_PRIMARY");
+ strncat(buf, "|ALWAYS_PRIMARY", 16);
}
return buf;
* pgpool: a language independent connection pool server for PostgreSQL
* written by Tatsuo Ishii
*
- * Copyright (c) 2003-2023 PgPool Global Development Group
+ * Copyright (c) 2003-2025 PgPool Global Development Group
*
* Permission to use, copy, modify, and distribute this software and
* its documentation for any purpose and without fee is hereby
if (*buffer == '\0')
snprintf(buffer, sizeof(buffer), "ALWAYS_PRIMARY");
else
- snprintf(buffer+strlen(buffer), sizeof(buffer), "|ALWAYS_PRIMARY");
+ strncat(buffer, "|ALWAYS_PRIMARY", 16);
}
return buffer;
}
projects / pgpool2.git / commitdiff