apr-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Brian J. France" <l...@firehawksystems.com>
Subject DBD postgres escaping patch
Date Thu, 01 Sep 2005 18:58:18 GMT
While working on mod_smtpd_access_dbd I noticed that dbd_pgsql_escape  
does allocate enough space for escaped return string.  According to the  
docs:

http://www.postgresql.org/docs/8.0/static/libpq-exec.html#LIBPQ-EXEC- 
ESCAPE-STRING

"to (the ret value here) shall point to a buffer that is able to hold  
at least one more character than twice the value of length, otherwise  
the behavior is undefined"

Index: dbd/apr_dbd_pgsql.c
===================================================================
--- dbd/apr_dbd_pgsql.c (revision 233547)
+++ dbd/apr_dbd_pgsql.c (working copy)
@@ -221,7 +221,7 @@
                                      apr_dbd_t *sql)
  {
      size_t len = strlen(arg);
-    char *ret = apr_palloc(pool, len + 1);
+    char *ret = apr_palloc(pool, len*2 + 2);
      PQescapeString(ret, arg, len);
      return ret;
  }


Mime
View raw message