Back-patch Neil's four additional buffer overrun checks.

author Tom Lane <[email protected]>

Tue, 8 Feb 2005 18:22:54 +0000 (18:22 +0000)

committer Tom Lane <[email protected]>

Tue, 8 Feb 2005 18:22:54 +0000 (18:22 +0000)
author Tom Lane <[email protected]>
Tue, 8 Feb 2005 18:22:54 +0000 (18:22 +0000)
committer Tom Lane <[email protected]>
Tue, 8 Feb 2005 18:22:54 +0000 (18:22 +0000)
diff --git a/src/pl/plpgsql/src/gram.y b/src/pl/plpgsql/src/gram.y

index a3d7b2f933da961671f4badc07600b7a8ae21c7f..35f88df9504a7bcaeec37660748c87ce761d49b7 100644 (file)
--- a/src/pl/plpgsql/src/gram.y
+++ b/src/pl/plpgsql/src/gram.y
@@ -1565,6 +1565,14 @@ read_sql_construct(int until,
                 }
                 if (plpgsql_SpaceScanned)
                         plpgsql_dstring_append(&ds, " ");
+
+               /* Check for array overflow */
+               if (nparams >= 1024)
+               {
+                       plpgsql_error_lineno = lno;
+                       elog(ERROR, "too many variables specified in SQL statement");
+               }
+
                 switch (tok)
                 {
                         case T_VARIABLE:
@@ -1708,6 +1716,14 @@ make_select_stmt()
  
                 if (plpgsql_SpaceScanned)
                         plpgsql_dstring_append(&ds, " ");
+
+               /* Check for array overflow */
+               if (nparams >= 1024)
+               {
+                       plpgsql_error_lineno = yylineno;
+                       elog(ERROR, "too many variables specified in SQL statement");
+               }
+
                 switch (tok)
                 {
                         case T_VARIABLE:
@@ -1776,6 +1792,13 @@ make_select_stmt()
  
                                 while ((tok = yylex()) == ',')
                                 {
+                                       /* Check for array overflow */
+                                       if (nfields >= 1024)
+                                       {
+                                               plpgsql_error_lineno = yylineno;
+                                               elog(ERROR, "too many INTO variables specified");
+                                       }
+
                                         tok = yylex();
                                         switch(tok)
                                         {
@@ -1992,6 +2015,13 @@ make_fetch_stmt()
  
                                 while ((tok = yylex()) == ',')
                                 {
+                                       /* Check for array overflow */
+                                       if (nfields >= 1024)
+                                       {
+                                               plpgsql_error_lineno = yylineno;
+                                               elog(ERROR, "too many INTO variables specified");
+                                       }
+
                                         tok = yylex();
                                         switch(tok)
                                         {
author	Tom Lane <[email protected]>
	Tue, 8 Feb 2005 18:22:54 +0000 (18:22 +0000)
committer	Tom Lane <[email protected]>
	Tue, 8 Feb 2005 18:22:54 +0000 (18:22 +0000)