OSSForks/postgres
1
0
Fork 0
mirror of https://github.com/zebrajr/postgres.git synced 2025-12-06 12:20:15 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity
Mirror of the official PostgreSQL GIT repository. Note that this is just a *mirror* - we don't work with pull requests on github. To contribute, please see https://wiki.postgresql.org/wiki/Submitting_a_Patch
61,436 Commits 34 Branches 537 Tags 1,009 MiB
C 85.1%
PLpgSQL 6%
Perl 4.6%
Yacc 1.2%
Meson 0.7%
Other 2.2%
e5d64fd654
Go to file
Tom Lane e5d64fd654 Tighten parsing of datetime input. 
ParseFraction only expects to deal with fields that contain a decimal
point and digit(s).  However it's possible in some edge cases for it
to be passed input that doesn't look like that.  In particular the
input could look like a valid floating-point number, such as ".123e6".
strtod() will happily eat that, possibly producing a result that is
not within the expected range 0..1, which can result in integer
overflow in the callers.  That doesn't have any security consequences,
but it's still not very desirable.  Fix by checking that the input
has the expected form.

Similarly, DecodeNumberField only expects to deal with fields that
contain a decimal point and digit(s), but it's sometimes abused to
parse strings that might not look like that.  This could result in
failure to reject bogus input, yielding silly results.  Again, fix
by rejecting input that doesn't look as-expected.  That decision
also means that we can affirmatively answer the very old comment
questioning whether we couldn't save some duplicative code by
using ParseFractionalSecond here.

While these changes should only reject input that nobody would
consider valid, it still doesn't seem like a change to make in
stable branches.  Apply to HEAD only.

Reported-by: Evgeniy Gorbanev <gorbanev.es@gmail.com>
Author: Tom Lane <tgl@sss.pgh.pa.us>
Discussion: https://postgr.es/m/1328335.1748371099@sss.pgh.pa.us
2025-05-28 15:10:48 -04:00
.github Add CODE_OF_CONDUCT.md, CONTRIBUTING.md, and SECURITY.md. 2024-07-02 13:03:58 -05:00
config oauth: Move the builtin flow into a separate module 2025-05-01 09:14:30 -07:00
contrib Revert "Don't lock partitions pruned by initial pruning" 2025-05-22 17:02:35 +09:00
doc doc PG 18 relnotes: clarify multiplication item 2025-05-28 12:34:11 -04:00
src Tighten parsing of datetime input. 2025-05-28 15:10:48 -04:00
.cirrus.star Remove duplicate words in docs and code comments. 2023-10-09 09:18:47 +05:30
.cirrus.tasks.yml ci: Check for missing dependencies in meson builds 2025-04-09 22:01:58 +02:00
.cirrus.yml ci: Test NetBSD and OpenBSD 2025-02-12 09:40:07 -05:00
.dir-locals.el Make Emacs perl-mode indent more like perltidy. 2019-01-13 11:32:31 -08:00
.editorconfig Add script to keep .editorconfig in sync with .gitattributes 2025-02-01 10:09:45 +01:00
.git-blame-ignore-revs Add 918e7287e to .git-blame-ignore-revs 2025-04-30 19:27:56 +12:00
.gitattributes Add script to keep .editorconfig in sync with .gitattributes 2025-02-01 10:09:45 +01:00
.gitignore Update top-level .gitignore. 2022-12-04 15:23:00 -05:00
.mailmap Add a Git .mailmap file 2024-11-05 13:56:02 +01:00
aclocal.m4 autoconf: Move export_dynamic determination to configure 2022-12-06 18:55:28 -08:00
configure Make our usage of memset_s() conform strictly to the C11 standard. 2025-05-18 12:45:55 -04:00
configure.ac Make our usage of memset_s() conform strictly to the C11 standard. 2025-05-18 12:45:55 -04:00
COPYRIGHT Align organization wording in copyright statement 2025-05-16 11:20:07 -04:00
GNUmakefile.in Allow selecting the git revision to be packaged by "make dist". 2024-05-03 11:08:50 -04:00
HISTORY Canonicalize some URLs 2020-02-10 20:47:50 +01:00
Makefile Remove AIX support 2024-02-28 15:17:23 +04:00
meson_options.txt Add support for basic NUMA awareness 2025-04-07 23:08:17 +02:00
meson.build Make our usage of memset_s() conform strictly to the C11 standard. 2025-05-18 12:45:55 -04:00
README.md Revise the style of a paragraph in README.md. 2024-03-21 10:16:41 -05:00

README.md

PostgreSQL Database Management System

This directory contains the source code distribution of the PostgreSQL database management system.

PostgreSQL is an advanced object-relational database management system that supports an extended subset of the SQL standard, including transactions, foreign keys, subqueries, triggers, user-defined types and functions. This distribution also contains C language bindings.

Copyright and license information can be found in the file COPYRIGHT.

General documentation about this version of PostgreSQL can be found at https://www.postgresql.org/docs/devel/. In particular, information about building PostgreSQL from the source code can be found at https://www.postgresql.org/docs/devel/installation.html.

The latest version of this software, and related software, may be obtained at https://www.postgresql.org/download/. For more information look at our web site located at https://www.postgresql.org/.