Fix buffer overflow on particularly named files and clarify documentation about

output file naming.

Patch by Tsunakawa, Takayuki <tsunakawa.takay@jp.fujitsu.com>

diff --git a/doc/src/sgml/ref/ecpg-ref.sgml b/doc/src/sgml/ref/ecpg-ref.sgml
index edd20dcdd557526cbcb07ff86104093ba39113e4..226a9caa4d968d19d4a74a1484d9046c0cdd1929 100644 (file)
--- a/doc/src/sgml/ref/ecpg-ref.sgml
+++ b/doc/src/sgml/ref/ecpg-ref.sgml
@@ -42,11 +42,9 @@ PostgreSQL documentation
   <para>
    <command>ecpg</command> will convert each input file given on the
    command line to the corresponding C output file.  Input files
-   preferably have the extension <filename>.pgc</filename>, in which
-   case the extension will be replaced by <filename>.c</filename> to
-   determine the output file name.  If the extension of the input file
-   is not <filename>.pgc</filename>, then the output file name is
-   computed by appending <literal>.c</literal> to the full file name.
+   preferably have the extension <filename>.pgc</filename>.
+   The extension will be replaced by <filename>.c</filename> to
+   determine the output file name.
    The output file name can also be overridden using the
    <option>-o</option> option.
   </para>

diff --git a/src/interfaces/ecpg/preproc/ecpg.c b/src/interfaces/ecpg/preproc/ecpg.c
index 25e7d121bd3a08376717b10c4383c1288ed56fc9..d4907be32be744bc09c97077e917ff1833e0c14e 100644 (file)
--- a/src/interfaces/ecpg/preproc/ecpg.c
+++ b/src/interfaces/ecpg/preproc/ecpg.c
@@ -309,7 +309,8 @@ main(int argc, char *const argv[])
                    base_yyout = stdout;
                else
                {
-                   output_filename = strdup(input_filename);
+                   output_filename = mm_alloc(strlen(input_filename) + 3);
+                   strcpy(output_filename, input_filename);
 
                    ptr2ext = strrchr(output_filename, '.');
                    /* make extension = .c resp. .h */