From c53a82b99d98df393d7ba308bf1586b2201d0d65 Mon Sep 17 00:00:00 2001 From: Tom Lane Date: Sun, 26 Oct 2014 19:17:57 -0400 Subject: [PATCH] Fix undersized result buffer in pset_quoted_string(). The malloc request was 1 byte too small for the worst-case output. This seems relatively unlikely to cause any problems in practice, as the worst case only occurs if the input string contains no characters other than single-quote or newline, and even then malloc alignment padding would probably save the day. But it's definitely a bug. David Rowley --- src/bin/psql/command.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/bin/psql/command.c b/src/bin/psql/command.c index d8c477aab04..6504959e358 100644 --- a/src/bin/psql/command.c +++ b/src/bin/psql/command.c @@ -2603,7 +2603,7 @@ pset_bool_string(bool val) static char * pset_quoted_string(const char *str) { - char *ret = pg_malloc(strlen(str) * 2 + 2); + char *ret = pg_malloc(strlen(str) * 2 + 3); char *r = ret; *r++ = '\''; -- 2.39.5