summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 0e92519)
raw | patch | inline | side by side (parent: 0e92519)
| author | Peter Eisentraut <peter_e@gmx.net> | |
| Wed, 7 Mar 2012 21:46:41 +0000 (23:46 +0200) | ||
| committer | Peter Eisentraut <peter_e@gmx.net> | |
| Sat, 10 Mar 2012 22:51:07 +0000 (00:51 +0200) |
Due to an apparent thinko, when printing a table in expanded mode
(\x), space would be allocated for 1 slot plus 1 byte per line,
instead of 1 slot per line plus 1 slot for the NULL terminator. When
the line count is small, reading or writing the terminator would
therefore access memory beyond what was allocated.
(\x), space would be allocated for 1 slot plus 1 byte per line,
instead of 1 slot per line plus 1 slot for the NULL terminator. When
the line count is small, reading or writing the terminator would
therefore access memory beyond what was allocated.
| src/bin/psql/print.c | patch | blob | blame | history |
diff --git a/src/bin/psql/print.c b/src/bin/psql/print.c
index 9c38be1fd2f175f55275e1cc1b14c8996ca3e112..7334e8dbfe471b5d43844053a469b17b6a52a96a 100644 (file)
--- a/src/bin/psql/print.c
+++ b/src/bin/psql/print.c
* We now have all the information we need to setup the formatting
* structures
*/
- dlineptr = pg_local_malloc((sizeof(*dlineptr) + 1) * dheight);
- hlineptr = pg_local_malloc((sizeof(*hlineptr) + 1) * hheight);
+ dlineptr = pg_local_malloc((sizeof(*dlineptr)) * (dheight + 1));
+ hlineptr = pg_local_malloc((sizeof(*hlineptr)) * (hheight + 1));
dlineptr->ptr = pg_local_malloc(dformatsize);
hlineptr->ptr = pg_local_malloc(hformatsize);