From 3a647a24861d366f6386dffd340962a4b0182397 Mon Sep 17 00:00:00 2001 From: Zsolt Parragi Date: Fri, 5 Dec 2025 19:44:58 +0000 Subject: [PATCH] Correct the size of tmp array The snprintf using it should work with any int, which means this string has to fit ",-2147483648\0", which is 12 characters + a null terminator. Otherwise it could lead to a buffer overflow, corrupting other variables on the stack, and maybe causing a crash too? --- pg_stat_monitor.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pg_stat_monitor.c b/pg_stat_monitor.c index 2338c06..00c2c00 100644 --- a/pg_stat_monitor.c +++ b/pg_stat_monitor.c @@ -3774,7 +3774,7 @@ intarray_get_datum(int32 arr[], int len) { int j; char str[1024]; - char tmp[10]; + char tmp[13]; str[0] = '\0';