Commit 32be1c8e authored by Bruce Momjian's avatar Bruce Momjian

Remove use of sscanf in pg_upgrade, and add C comment to pg_dump

Per report from Jackie Chang
parent a0d8947a
...@@ -453,9 +453,10 @@ get_sock_dir(ClusterInfo *cluster, bool live_check) ...@@ -453,9 +453,10 @@ get_sock_dir(ClusterInfo *cluster, bool live_check)
sscanf(line, "%hu", &old_cluster.port); sscanf(line, "%hu", &old_cluster.port);
if (lineno == LOCK_FILE_LINE_SOCKET_DIR) if (lineno == LOCK_FILE_LINE_SOCKET_DIR)
{ {
cluster->sockdir = pg_malloc(MAXPGPATH); cluster->sockdir = pg_strdup(line);
/* strip off newline */ /* strip off newline */
sscanf(line, "%s\n", cluster->sockdir); if (strchr(cluster->sockdir, '\n') != NULL)
*strchr(cluster->sockdir, '\n') = '\0';
} }
} }
fclose(fp); fclose(fp);
......
...@@ -452,6 +452,7 @@ _LoadBlobs(ArchiveHandle *AH, RestoreOptions *ropt) ...@@ -452,6 +452,7 @@ _LoadBlobs(ArchiveHandle *AH, RestoreOptions *ropt)
char fname[MAXPGPATH]; char fname[MAXPGPATH];
char path[MAXPGPATH]; char path[MAXPGPATH];
/* Can't overflow because line and fname are the same length. */
if (sscanf(line, "%u %s\n", &oid, fname) != 2) if (sscanf(line, "%u %s\n", &oid, fname) != 2)
exit_horribly(modulename, "invalid line in large object TOC file \"%s\": \"%s\"\n", exit_horribly(modulename, "invalid line in large object TOC file \"%s\": \"%s\"\n",
fname, line); fname, line);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment