Neon logical replication support for PG14 #309
Conversation
![arnica-github-connector[bot]](https://avatars.githubusercontent.com/in/144692?s=60&v=4){kind=small}
| wallog_mapping_file(char const* path, int fd) | ||
| { | ||
| char prefix[MAXPGPATH]; | ||
| snprintf(prefix, sizeof(prefix), "neon-file:%s", path); |
There was a problem hiding this comment.
Static Code Analysis Risk: CWE 121 - Stack-based Buffer Overflow - Stack based buffer overflow
The software directly writes into a stack buffer. This might lead to a stack-based buffer overflow. Avoid directly writing into stack buffers without proper boundary checks. Replace unsafe functions like strcpy, strcat, wcscpy, and wcscat with their safer counterparts such as strlcpy, strlcat, wcslcpy, and wcslcat, and use functions like strncpy, stpncpy, and their wide-character variants with caution, ensuring manual null-termination and proper buffer size checks.
Severity: High 🚨
Status: Open 🔴
References:
You received this notification because a new code risk has been identified
| errmsg("could not open file \"%s\": %m", tmppath))); | ||
|
|
||
| /* NEON specific: persist snapshot in storage using logical message */ | ||
| snprintf(prefix, sizeof(prefix), "neon-file:%s", path); |
There was a problem hiding this comment.
Static Code Analysis Risk: CWE 121 - Stack-based Buffer Overflow - Stack based buffer overflow
The software directly writes into a stack buffer. This might lead to a stack-based buffer overflow. Avoid directly writing into stack buffers without proper boundary checks. Replace unsafe functions like strcpy, strcat, wcscpy, and wcscat with their safer counterparts such as strlcpy, strlcat, wcslcpy, and wcslcat, and use functions like strncpy, stpncpy, and their wide-character variants with caution, ensuring manual null-termination and proper buffer size checks.
Severity: High 🚨
Status: Open 🔴
References:
You received this notification because a new code risk has been identified
| { | ||
| /* NEON specific: persist slot in storage using logical message */ | ||
| char prefix[MAXPGPATH]; | ||
| snprintf(prefix, sizeof(prefix), "neon-file:%s", path); |
There was a problem hiding this comment.
Static Code Analysis Risk: CWE 121 - Stack-based Buffer Overflow - Stack based buffer overflow
The software directly writes into a stack buffer. This might lead to a stack-based buffer overflow. Avoid directly writing into stack buffers without proper boundary checks. Replace unsafe functions like strcpy, strcat, wcscpy, and wcscat with their safer counterparts such as strlcpy, strlcat, wcslcpy, and wcslcat, and use functions like strncpy, stpncpy, and their wide-character variants with caution, ensuring manual null-termination and proper buffer size checks.
Severity: High 🚨
Status: Open 🔴
References:
You received this notification because a new code risk has been identified
| { | ||
| /* NEON specific: delete slot from storage using logical message */ | ||
| char prefix[MAXPGPATH]; | ||
| snprintf(prefix, sizeof(prefix), "neon-file:%s/state", path); |
There was a problem hiding this comment.
Static Code Analysis Risk: CWE 121 - Stack-based Buffer Overflow - Stack based buffer overflow
The software directly writes into a stack buffer. This might lead to a stack-based buffer overflow. Avoid directly writing into stack buffers without proper boundary checks. Replace unsafe functions like strcpy, strcat, wcscpy, and wcscat with their safer counterparts such as strlcpy, strlcat, wcslcpy, and wcslcat, and use functions like strncpy, stpncpy, and their wide-character variants with caution, ensuring manual null-termination and proper buffer size checks.
Severity: High 🚨
Status: Open 🔴
References:
You received this notification because a new code risk has been identified
| elog(DEBUG1, "removing snapbuild snapshot %s", path); | ||
|
|
||
| /* NEON specific: delete file from storage using logical message */ | ||
| snprintf(prefix, sizeof(prefix), "neon-file:%s", path); |
There was a problem hiding this comment.
Static Code Analysis Risk: CWE 121 - Stack-based Buffer Overflow - Stack based buffer overflow
The software directly writes into a stack buffer. This might lead to a stack-based buffer overflow. Avoid directly writing into stack buffers without proper boundary checks. Replace unsafe functions like strcpy, strcat, wcscpy, and wcscat with their safer counterparts such as strlcpy, strlcat, wcslcpy, and wcslcat, and use functions like strncpy, stpncpy, and their wide-character variants with caution, ensuring manual null-termination and proper buffer size checks.
Severity: High 🚨
Status: Open 🔴
References:
You received this notification because a new code risk has been identified
* Neon logical replication support for PG14 * Log heap rewrite file after creation. --------- Co-authored-by: Konstantin Knizhnik <knizhnik@neon.tech> Co-authored-by: Arseny Sher <sher-ars@yandex.ru>
* Neon logical replication support for PG14 * Log heap rewrite file after creation. --------- Co-authored-by: Konstantin Knizhnik <knizhnik@neon.tech> Co-authored-by: Arseny Sher <sher-ars@yandex.ru>
* Neon logical replication support for PG14 * Log heap rewrite file after creation. --------- Co-authored-by: Konstantin Knizhnik <knizhnik@neon.tech> Co-authored-by: Arseny Sher <sher-ars@yandex.ru>
* Neon logical replication support for PG14 * Log heap rewrite file after creation. --------- Co-authored-by: Konstantin Knizhnik <knizhnik@neon.tech> Co-authored-by: Arseny Sher <sher-ars@yandex.ru>
* Neon logical replication support for PG14 * Log heap rewrite file after creation. --------- Co-authored-by: Konstantin Knizhnik <knizhnik@neon.tech> Co-authored-by: Arseny Sher <sher-ars@yandex.ru>
* Neon logical replication support for PG14 * Log heap rewrite file after creation. --------- Co-authored-by: Konstantin Knizhnik <knizhnik@neon.tech> Co-authored-by: Arseny Sher <sher-ars@yandex.ru>
* Neon logical replication support for PG14 * Log heap rewrite file after creation. --------- Co-authored-by: Konstantin Knizhnik <knizhnik@neon.tech> Co-authored-by: Arseny Sher <sher-ars@yandex.ru>
No description provided.