You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@apr.apache.org by "Brian J. France" <li...@firehawksystems.com> on 2005/09/01 20:58:18 UTC
DBD postgres escaping patch
While working on mod_smtpd_access_dbd I noticed that dbd_pgsql_escape
does allocate enough space for escaped return string. According to the
docs:
http://www.postgresql.org/docs/8.0/static/libpq-exec.html#LIBPQ-EXEC-
ESCAPE-STRING
"to (the ret value here) shall point to a buffer that is able to hold
at least one more character than twice the value of length, otherwise
the behavior is undefined"
Index: dbd/apr_dbd_pgsql.c
===================================================================
--- dbd/apr_dbd_pgsql.c (revision 233547)
+++ dbd/apr_dbd_pgsql.c (working copy)
@@ -221,7 +221,7 @@
apr_dbd_t *sql)
{
size_t len = strlen(arg);
- char *ret = apr_palloc(pool, len + 1);
+ char *ret = apr_palloc(pool, len*2 + 2);
PQescapeString(ret, arg, len);
return ret;
}