OSSForks/postgres
1
0
Fork 0
mirror of https://github.com/zebrajr/postgres.git synced 2025-12-06 12:20:15 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity
Mirror of the official PostgreSQL GIT repository. Note that this is just a *mirror* - we don't work with pull requests on github. To contribute, please see https://wiki.postgresql.org/wiki/Submitting_a_Patch
61,339 Commits 34 Branches 537 Tags 1,009 MiB
C 85.1%
PLpgSQL 6%
Perl 4.6%
Yacc 1.2%
Meson 0.7%
Other 2.2%
627acc3caa
Go to file
Noah Misch 627acc3caa With GB18030, prevent SIGSEGV from reading past end of allocation. 
With GB18030 as source encoding, applications could crash the server via
SQL functions convert() or convert_from().  Applications themselves
could crash after passing unterminated GB18030 input to libpq functions
PQescapeLiteral(), PQescapeIdentifier(), PQescapeStringConn(), or
PQescapeString().  Extension code could crash by passing unterminated
GB18030 input to jsonapi.h functions.  All those functions have been
intended to handle untrusted, unterminated input safely.

A crash required allocating the input such that the last byte of the
allocation was the last byte of a virtual memory page.  Some malloc()
implementations take measures against that, making the SIGSEGV hard to
reach.  Back-patch to v13 (all supported versions).

Author: Noah Misch <noah@leadboat.com>
Author: Andres Freund <andres@anarazel.de>
Reviewed-by: Masahiko Sawada <sawada.mshk@gmail.com>
Backpatch-through: 13
Security: CVE-2025-4207
2025-05-05 04:52:04 -07:00
.github Add CODE_OF_CONDUCT.md, CONTRIBUTING.md, and SECURITY.md. 2024-07-02 13:03:58 -05:00
config oauth: Move the builtin flow into a separate module 2025-05-01 09:14:30 -07:00
contrib oauth: Disallow OAuth connections via postgres_fdw/dblink 2025-04-29 13:08:24 -07:00
doc doc PG 18 relnotes: adjust COPY and REJECT_LIMIT items 2025-05-04 22:37:20 -04:00
src With GB18030, prevent SIGSEGV from reading past end of allocation. 2025-05-05 04:52:04 -07:00
.cirrus.star Remove duplicate words in docs and code comments. 2023-10-09 09:18:47 +05:30
.cirrus.tasks.yml ci: Check for missing dependencies in meson builds 2025-04-09 22:01:58 +02:00
.cirrus.yml ci: Test NetBSD and OpenBSD 2025-02-12 09:40:07 -05:00
.dir-locals.el Make Emacs perl-mode indent more like perltidy. 2019-01-13 11:32:31 -08:00
.editorconfig Add script to keep .editorconfig in sync with .gitattributes 2025-02-01 10:09:45 +01:00
.git-blame-ignore-revs Add 918e7287e to .git-blame-ignore-revs 2025-04-30 19:27:56 +12:00
.gitattributes Add script to keep .editorconfig in sync with .gitattributes 2025-02-01 10:09:45 +01:00
.gitignore Update top-level .gitignore. 2022-12-04 15:23:00 -05:00
.mailmap Add a Git .mailmap file 2024-11-05 13:56:02 +01:00
aclocal.m4 autoconf: Move export_dynamic determination to configure 2022-12-06 18:55:28 -08:00
configure oauth: Move the builtin flow into a separate module 2025-05-01 09:14:30 -07:00
configure.ac oauth: Move the builtin flow into a separate module 2025-05-01 09:14:30 -07:00
COPYRIGHT Update copyright for 2025 2025-01-01 11:21:55 -05:00
GNUmakefile.in Allow selecting the git revision to be packaged by "make dist". 2024-05-03 11:08:50 -04:00
HISTORY Canonicalize some URLs 2020-02-10 20:47:50 +01:00
Makefile Remove AIX support 2024-02-28 15:17:23 +04:00
meson_options.txt Add support for basic NUMA awareness 2025-04-07 23:08:17 +02:00
meson.build oauth: Move the builtin flow into a separate module 2025-05-01 09:14:30 -07:00
README.md Revise the style of a paragraph in README.md. 2024-03-21 10:16:41 -05:00

README.md

PostgreSQL Database Management System

This directory contains the source code distribution of the PostgreSQL database management system.

PostgreSQL is an advanced object-relational database management system that supports an extended subset of the SQL standard, including transactions, foreign keys, subqueries, triggers, user-defined types and functions. This distribution also contains C language bindings.

Copyright and license information can be found in the file COPYRIGHT.

General documentation about this version of PostgreSQL can be found at https://www.postgresql.org/docs/devel/. In particular, information about building PostgreSQL from the source code can be found at https://www.postgresql.org/docs/devel/installation.html.

The latest version of this software, and related software, may be obtained at https://www.postgresql.org/download/. For more information look at our web site located at https://www.postgresql.org/.