Repair problems with overrun of timezone name length. Increase MAXTZLEN

to 10, and be consistent about whether it counts the trailing null (it does not). Also increase MAXDATELEN to be sure no buffer overflows are caused by the longer MAXTZLEN.

Repair problems with overrun of timezone name length. Increase MAXTZLEN
to 10, and be consistent about whether it counts the trailing null (it does not). Also increase MAXDATELEN to be sure no buffer overflows are caused by the longer MAXTZLEN.
22a517a4 · Tom Lane · f089c364 · 22a517a4 · 22a517a4 · 22a517a4
4 changed file
--- a/src/backend/utils/adt/datetime.c
+++ b/src/backend/utils/adt/datetime.c
@@ -8,7 +8,7 @@
 *
 *
 * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/backend/utils/adt/datetime.c,v 1.47 2000/04/14 15:22:10 thomas Exp $
+ *	  $Header: /cvsroot/pgsql/src/backend/utils/adt/datetime.c,v 1.48 2000/05/29 19:16:57 tgl Exp $
 *
 *-------------------------------------------------------------------------
 */
@@ -2153,7 +2153,7 @@ EncodeDateTime(struct tm * tm, double fsec, int *tzp, char **tzn, int style, cha
 					if ((*tzn != NULL) && (tm->tm_isdst >= 0))
 					{
 						strcpy((str + 27), " ");
-						strncpy((str + 28), *tzn, MAXTZLEN);
+						StrNCpy((str + 28), *tzn, MAXTZLEN+1);
 					}
 				}
 				else
@@ -2162,7 +2162,7 @@ EncodeDateTime(struct tm * tm, double fsec, int *tzp, char **tzn, int style, cha
 					if ((*tzn != NULL) && (tm->tm_isdst >= 0))
 					{
 						strcpy((str + 24), " ");
-						strncpy((str + 25), *tzn, MAXTZLEN);
+						StrNCpy((str + 25), *tzn, MAXTZLEN+1);
 					}
 				}


--- a/src/backend/utils/adt/nabstime.c
+++ b/src/backend/utils/adt/nabstime.c
@@ -9,7 +9,7 @@
 *
 *
 * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/backend/utils/adt/nabstime.c,v 1.67 2000/04/12 17:15:50 momjian Exp $
+ *	  $Header: /cvsroot/pgsql/src/backend/utils/adt/nabstime.c,v 1.68 2000/05/29 19:16:57 tgl Exp $
 *
 * NOTES
 *
@@ -253,12 +253,9 @@ abstime2tm(AbsoluteTime time, int *tzp, struct tm * tm, char *tzn)
 		 * Copy no more than MAXTZLEN bytes of timezone to tzn, in case it
 		 * contains an error message, which doesn't fit in the buffer
 		 */
-		strncpy(tzn, tm->tm_zone, MAXTZLEN);
+		StrNCpy(tzn, tm->tm_zone, MAXTZLEN+1);
 		if (strlen(tm->tm_zone) > MAXTZLEN)
-		{
-			tzn[MAXTZLEN] = '\0';
 			elog(NOTICE, "Invalid timezone \'%s\'", tm->tm_zone);
-		}
 	}
 #elif defined(HAVE_INT_TIMEZONE)
 	if (tzp != NULL)
@@ -274,12 +271,9 @@ abstime2tm(AbsoluteTime time, int *tzp, struct tm * tm, char *tzn)
 		 * Copy no more than MAXTZLEN bytes of timezone to tzn, in case it
 		 * contains an error message, which doesn't fit in the buffer
 		 */
-		strncpy(tzn, tzname[tm->tm_isdst], MAXTZLEN);
+		StrNCpy(tzn, tzname[tm->tm_isdst], MAXTZLEN+1);
 		if (strlen(tzname[tm->tm_isdst]) > MAXTZLEN)
-		{
-			tzn[MAXTZLEN] = '\0';
 			elog(NOTICE, "Invalid timezone \'%s\'", tzname[tm->tm_isdst]);
-		}
 	}
 #else
 #error POSIX time support is broken
@@ -293,7 +287,10 @@ abstime2tm(AbsoluteTime time, int *tzp, struct tm * tm, char *tzn)
 	 * 97/03/18
 	 */
 	if (tzn != NULL)
+	{
 		strftime(tzn, MAXTZLEN, "%Z", localtime(&now));
+		tzn[MAXTZLEN] = '\0';	/* let's just be sure it's null-terminated */
+	}
 #endif

 	return;

--- a/src/include/miscadmin.h
+++ b/src/include/miscadmin.h
@@ -12,7 +12,7 @@
 * Portions Copyright (c) 1996-2000, PostgreSQL, Inc
 * Portions Copyright (c) 1994, Regents of the University of California
 *
- * $Id: miscadmin.h,v 1.55 2000/04/12 17:16:24 momjian Exp $
+ * $Id: miscadmin.h,v 1.56 2000/05/29 19:16:55 tgl Exp $
 *
 * NOTES
 *	  some of the information in this file will be moved to
@@ -85,7 +85,7 @@ extern int	DebugLvl;
 * CTZName is the timezone label.
 */

-#define MAXTZLEN		7
+#define MAXTZLEN		10		/* max TZ name len, not counting tr. null */

 #define USE_POSTGRES_DATES		0
 #define USE_ISO_DATES			1

--- a/src/include/utils/datetime.h
+++ b/src/include/utils/datetime.h
@@ -9,7 +9,7 @@
 * Portions Copyright (c) 1996-2000, PostgreSQL, Inc
 * Portions Copyright (c) 1994, Regents of the University of California
 *
- * $Id: datetime.h,v 1.13 2000/04/14 15:22:22 thomas Exp $
+ * $Id: datetime.h,v 1.14 2000/05/29 19:16:56 tgl Exp $
 *
 *-------------------------------------------------------------------------
 */
@@ -163,8 +163,8 @@
 #define DTK_DATE_M		(DTK_M(YEAR) | DTK_M(MONTH) | DTK_M(DAY))
 #define DTK_TIME_M		(DTK_M(HOUR) | DTK_M(MINUTE) | DTK_M(SECOND))

-#define MAXDATELEN		47		/* maximum possible length of an input
-								 * date string */
+#define MAXDATELEN		51		/* maximum possible length of an input
+								 * date string (not counting tr. null) */
 #define MAXDATEFIELDS	25		/* maximum possible number of fields in a
 								 * date string */
 #define TOKMAXLEN		10		/* only this many chars are stored in