[PATCH] Fix off-by-one in PQprintTuples()

Lists: pgsql-hackers
From: Xi Wang <xi(dot)wang(at)gmail(dot)com>
To: pgsql-hackers(at)postgresql(dot)org
Cc: Xi Wang <xi(dot)wang(at)gmail(dot)com>
Subject: [PATCH] Fix off-by-one in PQprintTuples()
Date: 2013-01-20 04:51:51
Message-ID: 1358657511-32752-1-git-send-email-xi.wang@gmail.com

Don't write past the end of tborder; the size is width + 1.
---
src/interfaces/libpq/fe-print.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/interfaces/libpq/fe-print.c b/src/interfaces/libpq/fe-print.c
index 076e1cc..7ed489a 100644
--- a/src/interfaces/libpq/fe-print.c
+++ b/src/interfaces/libpq/fe-print.c
@@ -706,7 +706,7 @@ PQprintTuples(const PGresult *res,
fprintf(stderr, libpq_gettext("out of memory\n"));
abort();
}
- for (i = 0; i <= width; i++)
+ for (i = 0; i < width; i++)
tborder[i] = '-';
tborder[i] = '\0';
fprintf(fout, "%s\n", tborder);
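Review bot: The terminator store `tborder[i] = '\0';` right after the loop still takes its index from the loop's exit value of `i`, so it stays in bounds only as long as the loop bound remains `i < width`. With the old `i <= width` bound the dashes filled indexes 0 through width and `i` left the loop at width + 1, so the NUL landed one byte past a buffer the commit message gives as width + 1 bytes. Consider writing `tborder[width] = '\0';` so the terminator's index is stated directly and cannot drift with a later change to the loop, and add a short comment at the allocation (not visible in this hunk) saying the extra byte is for the NUL.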
--
1.7.10.4


From: Stephen Frost <sfrost(at)snowman(dot)net>
To: Xi Wang <xi(dot)wang(at)gmail(dot)com>
Cc: pgsql-hackers(at)postgresql(dot)org
Subject: Re: [PATCH] Fix off-by-one in PQprintTuples()
Date: 2013-01-20 15:48:30
Message-ID: 20130120154829.GM16126@tamriel.snowman.net

* Xi Wang (xi(dot)wang(at)gmail(dot)com) wrote:
> Don't write past the end of tborder; the size is width + 1.

This whole block of code is woefully without any comments. :(

Strictly speaking, it's this:

tborder[i] = '\0';

Which ends up writing past the end of the buffer (which is allocated as
'width + 1'). Perhaps we should also change that to be:

tborder[width] = '\0';

Thanks,

Stephen


From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Stephen Frost <sfrost(at)snowman(dot)net>
Cc: Xi Wang <xi(dot)wang(at)gmail(dot)com>, pgsql-hackers(at)postgresql(dot)org
Subject: Re: [PATCH] Fix off-by-one in PQprintTuples()
Date: 2013-01-21 04:11:44
Message-ID: 7796.1358741504@sss.pgh.pa.us

Stephen Frost <sfrost(at)snowman(dot)net> writes:
> Strictly speaking, it's this:

> tborder[i] = '\0';

> Which ends up writing past the end of the buffer (which is allocated as
> 'width + 1'). Perhaps we should also change that to be:

> tborder[width] = '\0';

Yeah, I like that better too. Will commit.

regards, tom lane