From: Tom Lane <tgl@sss.pgh.pa.us>
Date: Tue, 8 Feb 2005 18:22:45 +0000 (+0000)
Subject: Back-patch Neil's four additional buffer overrun checks.
X-Git-Url: http://git.postgresql.org/gitweb/static/gitweb.js?a=commitdiff_plain;h=5ab3e07ba64278e8ab0099870385ad495a63c36d;p=users%2Fbernd%2Fpostgres.git

Back-patch Neil's four additional buffer overrun checks.
---

diff --git a/src/pl/plpgsql/src/gram.y b/src/pl/plpgsql/src/gram.y
index c1ad6de107..1d63645faa 100644
--- a/src/pl/plpgsql/src/gram.y
+++ b/src/pl/plpgsql/src/gram.y
@@ -1612,6 +1612,14 @@ read_sql_construct(int until,
 		}
 		if (plpgsql_SpaceScanned)
 			plpgsql_dstring_append(&ds, " ");
+
+		/* Check for array overflow */
+		if (nparams >= 1024)
+		{
+			plpgsql_error_lineno = lno;
+			elog(ERROR, "too many variables specified in SQL statement");
+		}
+
 		switch (tok)
 		{
 			case T_VARIABLE:
@@ -1761,6 +1769,13 @@ make_select_stmt(void)
 
 					while ((tok = yylex()) == ',')
 					{
+						/* Check for array overflow */
+						if (nfields >= 1024)
+						{
+							plpgsql_error_lineno = yylineno;
+							elog(ERROR, "too many INTO variables specified");
+						}
+
 						tok = yylex();
 						switch(tok)
 						{
@@ -1809,6 +1824,14 @@ make_select_stmt(void)
 
 		if (plpgsql_SpaceScanned)
 			plpgsql_dstring_append(&ds, " ");
+
+		/* Check for array overflow */
+		if (nparams >= 1024)
+		{
+			plpgsql_error_lineno = yylineno;
+			elog(ERROR, "too many variables specified in SQL statement");
+		}
+
 		switch (tok)
 		{
 			case T_VARIABLE:
@@ -1892,6 +1915,13 @@ make_fetch_stmt(void)
 
 				while ((tok = yylex()) == ',')
 				{
+					/* Check for array overflow */
+					if (nfields >= 1024)
+					{
+						plpgsql_error_lineno = yylineno;
+						elog(ERROR, "too many INTO variables specified");
+					}
+
 					tok = yylex();
 					switch(tok)
 					{