public inbox for [email protected]help / color / mirror / Atom feed
pgsql: Fix mb2wchar functions on short input. 6+ messages / 1 participants [nested] [flat]
* pgsql: Fix mb2wchar functions on short input. @ 2026-02-09 00:06 Thomas Munro <[email protected]> 0 siblings, 0 replies; 6+ messages in thread From: Thomas Munro @ 2026-02-09 00:06 UTC (permalink / raw) To: [email protected] Fix mb2wchar functions on short input. When converting multibyte to pg_wchar, the UTF-8 implementation would silently ignore an incomplete final character, while the other implementations would cast a single byte to pg_wchar, and then repeat for the remaining byte sequence. While it didn't overrun the buffer, it was surely garbage output. Make all encodings behave like the UTF-8 implementation. A later change for master only will convert this to an error, but we choose not to back-patch that behavior change on the off-chance that someone is relying on the existing UTF-8 behavior. Security: CVE-2026-2006 Backpatch-through: 14 Author: Thomas Munro <[email protected]> Reported-by: Noah Misch <[email protected]> Reviewed-by: Noah Misch <[email protected]> Reviewed-by: Heikki Linnakangas <[email protected]> Branch ------ master Details ------- https://git.postgresql.org/pg/commitdiff/74ee636cc93d919c845e3e3ad3642e6366ce1802 Modified Files -------------- src/common/wchar.c | 52 ++++++++++++++++++++++++++++++++-------------------- 1 file changed, 32 insertions(+), 20 deletions(-) ^ permalink raw reply [nested|flat] 6+ messages in thread
* pgsql: Fix mb2wchar functions on short input. @ 2026-02-09 00:07 Thomas Munro <[email protected]> 0 siblings, 0 replies; 6+ messages in thread From: Thomas Munro @ 2026-02-09 00:07 UTC (permalink / raw) To: [email protected] Fix mb2wchar functions on short input. When converting multibyte to pg_wchar, the UTF-8 implementation would silently ignore an incomplete final character, while the other implementations would cast a single byte to pg_wchar, and then repeat for the remaining byte sequence. While it didn't overrun the buffer, it was surely garbage output. Make all encodings behave like the UTF-8 implementation. A later change for master only will convert this to an error, but we choose not to back-patch that behavior change on the off-chance that someone is relying on the existing UTF-8 behavior. Security: CVE-2026-2006 Backpatch-through: 14 Author: Thomas Munro <[email protected]> Reported-by: Noah Misch <[email protected]> Reviewed-by: Noah Misch <[email protected]> Reviewed-by: Heikki Linnakangas <[email protected]> Branch ------ REL_18_STABLE Details ------- https://git.postgresql.org/pg/commitdiff/efef05ba995fb2f553c146acb5c33828cc4f898a Modified Files -------------- src/common/wchar.c | 52 ++++++++++++++++++++++++++++++++-------------------- 1 file changed, 32 insertions(+), 20 deletions(-) ^ permalink raw reply [nested|flat] 6+ messages in thread
* pgsql: Fix mb2wchar functions on short input. @ 2026-02-09 00:07 Thomas Munro <[email protected]> 0 siblings, 0 replies; 6+ messages in thread From: Thomas Munro @ 2026-02-09 00:07 UTC (permalink / raw) To: [email protected] Fix mb2wchar functions on short input. When converting multibyte to pg_wchar, the UTF-8 implementation would silently ignore an incomplete final character, while the other implementations would cast a single byte to pg_wchar, and then repeat for the remaining byte sequence. While it didn't overrun the buffer, it was surely garbage output. Make all encodings behave like the UTF-8 implementation. A later change for master only will convert this to an error, but we choose not to back-patch that behavior change on the off-chance that someone is relying on the existing UTF-8 behavior. Security: CVE-2026-2006 Backpatch-through: 14 Author: Thomas Munro <[email protected]> Reported-by: Noah Misch <[email protected]> Reviewed-by: Noah Misch <[email protected]> Reviewed-by: Heikki Linnakangas <[email protected]> Branch ------ REL_17_STABLE Details ------- https://git.postgresql.org/pg/commitdiff/7a522039f7010ea9ec45dcbf11a4038dce240bb3 Modified Files -------------- src/common/wchar.c | 52 ++++++++++++++++++++++++++++++++-------------------- 1 file changed, 32 insertions(+), 20 deletions(-) ^ permalink raw reply [nested|flat] 6+ messages in thread
* pgsql: Fix mb2wchar functions on short input. @ 2026-02-09 00:07 Thomas Munro <[email protected]> 0 siblings, 0 replies; 6+ messages in thread From: Thomas Munro @ 2026-02-09 00:07 UTC (permalink / raw) To: [email protected] Fix mb2wchar functions on short input. When converting multibyte to pg_wchar, the UTF-8 implementation would silently ignore an incomplete final character, while the other implementations would cast a single byte to pg_wchar, and then repeat for the remaining byte sequence. While it didn't overrun the buffer, it was surely garbage output. Make all encodings behave like the UTF-8 implementation. A later change for master only will convert this to an error, but we choose not to back-patch that behavior change on the off-chance that someone is relying on the existing UTF-8 behavior. Security: CVE-2026-2006 Backpatch-through: 14 Author: Thomas Munro <[email protected]> Reported-by: Noah Misch <[email protected]> Reviewed-by: Noah Misch <[email protected]> Reviewed-by: Heikki Linnakangas <[email protected]> Branch ------ REL_16_STABLE Details ------- https://git.postgresql.org/pg/commitdiff/b0e3f5cf94086baa3b3b13630db333be3e525f27 Modified Files -------------- src/common/wchar.c | 52 ++++++++++++++++++++++++++++++++-------------------- 1 file changed, 32 insertions(+), 20 deletions(-) ^ permalink raw reply [nested|flat] 6+ messages in thread
* pgsql: Fix mb2wchar functions on short input. @ 2026-02-09 00:07 Thomas Munro <[email protected]> 0 siblings, 0 replies; 6+ messages in thread From: Thomas Munro @ 2026-02-09 00:07 UTC (permalink / raw) To: [email protected] Fix mb2wchar functions on short input. When converting multibyte to pg_wchar, the UTF-8 implementation would silently ignore an incomplete final character, while the other implementations would cast a single byte to pg_wchar, and then repeat for the remaining byte sequence. While it didn't overrun the buffer, it was surely garbage output. Make all encodings behave like the UTF-8 implementation. A later change for master only will convert this to an error, but we choose not to back-patch that behavior change on the off-chance that someone is relying on the existing UTF-8 behavior. Security: CVE-2026-2006 Backpatch-through: 14 Author: Thomas Munro <[email protected]> Reported-by: Noah Misch <[email protected]> Reviewed-by: Noah Misch <[email protected]> Reviewed-by: Heikki Linnakangas <[email protected]> Branch ------ REL_15_STABLE Details ------- https://git.postgresql.org/pg/commitdiff/50863be0b77eeac5c1907ccd46c146eb80524e1a Modified Files -------------- src/common/wchar.c | 52 ++++++++++++++++++++++++++++++++-------------------- 1 file changed, 32 insertions(+), 20 deletions(-) ^ permalink raw reply [nested|flat] 6+ messages in thread
* pgsql: Fix mb2wchar functions on short input. @ 2026-02-09 00:08 Thomas Munro <[email protected]> 0 siblings, 0 replies; 6+ messages in thread From: Thomas Munro @ 2026-02-09 00:08 UTC (permalink / raw) To: [email protected] Fix mb2wchar functions on short input. When converting multibyte to pg_wchar, the UTF-8 implementation would silently ignore an incomplete final character, while the other implementations would cast a single byte to pg_wchar, and then repeat for the remaining byte sequence. While it didn't overrun the buffer, it was surely garbage output. Make all encodings behave like the UTF-8 implementation. A later change for master only will convert this to an error, but we choose not to back-patch that behavior change on the off-chance that someone is relying on the existing UTF-8 behavior. Security: CVE-2026-2006 Backpatch-through: 14 Author: Thomas Munro <[email protected]> Reported-by: Noah Misch <[email protected]> Reviewed-by: Noah Misch <[email protected]> Reviewed-by: Heikki Linnakangas <[email protected]> Branch ------ REL_14_STABLE Details ------- https://git.postgresql.org/pg/commitdiff/6ed116046dcfaca5ee1684a0ef0c7c98a345c3b9 Modified Files -------------- src/common/wchar.c | 52 ++++++++++++++++++++++++++++++++-------------------- 1 file changed, 32 insertions(+), 20 deletions(-) ^ permalink raw reply [nested|flat] 6+ messages in thread
end of thread, other threads:[~2026-02-09 00:08 UTC | newest] Thread overview: 6+ messages (download: mbox mbox.gz follow: Atom feed) -- links below jump to the message on this page -- 2026-02-09 00:06 pgsql: Fix mb2wchar functions on short input. Thomas Munro <[email protected]> 2026-02-09 00:07 pgsql: Fix mb2wchar functions on short input. Thomas Munro <[email protected]> 2026-02-09 00:07 pgsql: Fix mb2wchar functions on short input. Thomas Munro <[email protected]> 2026-02-09 00:07 pgsql: Fix mb2wchar functions on short input. Thomas Munro <[email protected]> 2026-02-09 00:07 pgsql: Fix mb2wchar functions on short input. Thomas Munro <[email protected]> 2026-02-09 00:08 pgsql: Fix mb2wchar functions on short input. Thomas Munro <[email protected]>
This inbox is served by agora; see mirroring instructions for how to clone and mirror all data and code used for this inbox