pg_standby: Avoid writing one byte beyond the end of the buffer.

Previously, read() might have returned a length equal to the buffer length, and then the subsequent store to buf[len] would write a zero-byte one byte past the end. This doesn't seem likely to be a security issue, but there's some chance it could result in pg_standby misbehaving. Spotted by Coverity; patch by Michael Paquier, reviewed by me.
2015-01-15 09:26:03 -05:00 · 2015-01-15 09:26:03 -05:00 · 0b49642b99
commit 0b49642b99
parent 6cfd5086e1
1 changed files with 1 additions and 1 deletions
--- a/contrib/pg_standby/pg_standby.c
+++ b/contrib/pg_standby/pg_standby.c
@ -418,7 +418,7 @@ CheckForExternalTrigger(void)
 		return;
 	}

-	if ((len = read(fd, buf, sizeof(buf))) < 0)
+	if ((len = read(fd, buf, sizeof(buf) - 1)) < 0)
 	{
 		fprintf(stderr, "WARNING: could not read \"%s\": %s\n",
 				triggerPath, strerror(errno));