summaryrefslogtreecommitdiffstats
path: root/ulogd
diff options
context:
space:
mode:
authorlaforge <laforge>2005-02-12 21:19:17 +0000
committerlaforge <laforge>2005-02-12 21:19:17 +0000
commitcb236a62cac875c4271a682cf90f20b859b8c0d1 (patch)
treec74e4b43470b797aaa806f32c6f29ffb4d026f51 /ulogd
parent3249b84bfded2d8edfaf52c77752370faa295831 (diff)
fix potential buffer overflow
Diffstat (limited to 'ulogd')
-rw-r--r--ulogd/pgsql/ulogd_PGSQL.c8
1 files changed, 4 insertions, 4 deletions
diff --git a/ulogd/pgsql/ulogd_PGSQL.c b/ulogd/pgsql/ulogd_PGSQL.c
index b077fee..0c1f698 100644
--- a/ulogd/pgsql/ulogd_PGSQL.c
+++ b/ulogd/pgsql/ulogd_PGSQL.c
@@ -241,12 +241,14 @@ static int pgsql_createstmt(void)
return 0;
}
+#define PGSQL_GETCOLUMN_TEMPLATE "SELECT a.attname FROM pg_class c, pg_attribute a WHERE c.relname ='%s' AND a.attnum>0 AND a.attrelid=c.oid ORDER BY a.attnum
+
/* find out which columns the table has */
static int pgsql_get_columns(const char *table)
{
PGresult *result;
char buf[ULOGD_MAX_KEYLEN];
- char pgbuf[256];
+ char pgbuf[strlen(PGSQL_GETCOLUMN_TEMPLATE)+strlen(table)+1];
char *underscore;
struct _field *f;
int id;
@@ -255,9 +257,7 @@ static int pgsql_get_columns(const char *table)
if (!dbh)
return 1;
- strcpy(pgbuf, "SELECT a.attname FROM pg_class c, pg_attribute a WHERE c.relname ='");
- strncat(pgbuf, table, strlen(table));
- strcat(pgbuf, "' AND a.attnum>0 AND a.attrelid=c.oid ORDER BY a.attnum");
+ snprintf(pgbuf, sizeof(pgbuf)-1, "SELECT a.attname FROM pg_class c, pg_attribute a WHERE c.relname ='%s' AND a.attnum>0 AND a.attrelid=c.oid ORDER BY a.attnum", table);
ulogd_log(ULOGD_DEBUG, pgbuf);
result = PQexec(dbh, pgbuf);