Ensure that memcmp() does not run off the end of memory, per Kurt Roeckx.

author Tom Lane <tgl@sss.pgh.pa.us>

Tue, 3 Feb 2004 17:56:04 +0000 (17:56 +0000)

committer Tom Lane <tgl@sss.pgh.pa.us>

Tue, 3 Feb 2004 17:56:04 +0000 (17:56 +0000)
author Tom Lane <tgl@sss.pgh.pa.us>
Tue, 3 Feb 2004 17:56:04 +0000 (17:56 +0000)
committer Tom Lane <tgl@sss.pgh.pa.us>
Tue, 3 Feb 2004 17:56:04 +0000 (17:56 +0000)
diff --git a/src/backend/utils/adt/regexp.c b/src/backend/utils/adt/regexp.c

index 5e0ec4ca8aa558f1aa68ebf1fd299f6ec0127a7b..516fe7980fcb8c13c7ae4c25727b29666cf3a3fc 100644 (file)
--- a/src/backend/utils/adt/regexp.c
+++ b/src/backend/utils/adt/regexp.c
@@ -118,7 +118,8 @@ RE_compile_and_execute(text *text_re, unsigned char *dat, int dat_len,
          */
         for (i = 0; i < num_res; i++)
         {
-               if (memcmp(re_array[i].cre_pat, text_re, text_re_len) == 0 &&
+               if (VARSIZE(re_array[i].cre_pat) == text_re_len &&
+                       memcmp(re_array[i].cre_pat, text_re, text_re_len) == 0 &&
                         re_array[i].cre_flags == cflags)
                 {
                         /*
author	Tom Lane <tgl@sss.pgh.pa.us>
	Tue, 3 Feb 2004 17:56:04 +0000 (17:56 +0000)
committer	Tom Lane <tgl@sss.pgh.pa.us>
	Tue, 3 Feb 2004 17:56:04 +0000 (17:56 +0000)