[ [ "diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c\nindex ec83f413a7ed19..88a565f130a5a2 100644\n--- a/net/wireless/nl80211.c\n+++ b/net/wireless/nl80211.c\n@@ -3406,12 +3406,12 @@ static int nl80211_trigger_scan(struct sk_buff *skb, struct genl_info *info)\n \ti = 0;\n \tif (info->attrs[NL80211_ATTR_SCAN_SSIDS]) {\n \t\tnla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_SSIDS], tmp) {\n+\t\t\trequest->ssids[i].ssid_len = nla_len(attr);\n \t\t\tif (request->ssids[i].ssid_len > IEEE80211_MAX_SSID_LEN) {\n \t\t\t\terr = -EINVAL;\n \t\t\t\tgoto out_free;\n \t\t\t}\n \t\t\tmemcpy(request->ssids[i].ssid, nla_data(attr), nla_len(attr));\n-\t\t\trequest->ssids[i].ssid_len = nla_len(attr);\n \t\t\ti++;\n \t\t}\n \t}\n@@ -3572,6 +3572,7 @@ static int nl80211_start_sched_scan(struct sk_buff *skb,\n \tif (info->attrs[NL80211_ATTR_SCAN_SSIDS]) {\n \t\tnla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_SSIDS],\n \t\t\t\t tmp) {\n+\t\t\trequest->ssids[i].ssid_len = nla_len(attr);\n \t\t\tif (request->ssids[i].ssid_len >\n \t\t\t IEEE80211_MAX_SSID_LEN) {\n \t\t\t\terr = -EINVAL;\n@@ -3579,7 +3580,6 @@ static int nl80211_start_sched_scan(struct sk_buff *skb,\n \t\t\t}\n \t\t\tmemcpy(request->ssids[i].ssid, nla_data(attr),\n \t\t\t nla_len(attr));\n-\t\t\trequest->ssids[i].ssid_len = nla_len(attr);\n \t\t\ti++;\n \t\t}\n \t}", "nl80211: fix check for valid SSID size in scan operations\nIn both trigger_scan and sched_scan operations, we were checking for\nthe SSID length before assigning the value correctly. Since the\nmemory was just kzalloc'ed, the check was always failing and SSID with\nover 32 characters were allowed to go through.\n\nThis was causing a buffer overflow when copying the actual SSID to the\nproper place.\n\nThis bug has been there since 2.6.29-rc4.\n\nCc: stable@kernel.org\nSigned-off-by: Luciano Coelho \nSigned-off-by: John W. 
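Review bot: In nl80211_trigger_scan the length is now written into `request->ssids[i].ssid_len` before it has been validated, and the bound check then reads it back from the request. Comparing the attribute directly, `if (nla_len(attr) > IEEE80211_MAX_SSID_LEN) {`, and assigning `ssid_len` once the check has passed keeps the test tied to the exact value used as the `memcpy` length, so it cannot silently break if the assignment is moved again. The same pattern appears in the two nl80211_start_sched_scan hunks. The index `i` is also used with no visible bound in these loops; presumably the `ssids` array was sized from the attribute count earlier in each function, which is outside the hunks.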
Linville " ], [ "diff --git a/src/include/utils/datetime.h b/src/include/utils/datetime.h\nindex 12f1e7753c..b10648269f 100644\n--- a/src/include/utils/datetime.h\n+++ b/src/include/utils/datetime.h\n@@ -188,12 +188,17 @@ struct tzEntry;\n #define DTK_DATE_M\t\t(DTK_M(YEAR) | DTK_M(MONTH) | DTK_M(DAY))\n #define DTK_TIME_M\t\t(DTK_M(HOUR) | DTK_M(MINUTE) | DTK_ALL_SECS_M)\n \n-#define MAXDATELEN\t\t63\t\t/* maximum possible length of an input date\n-\t\t\t\t\t\t\t\t * string (not counting tr. null) */\n-#define MAXDATEFIELDS\t25\t\t/* maximum possible number of fields in a date\n-\t\t\t\t\t\t\t\t * string */\n-#define TOKMAXLEN\t\t10\t\t/* only this many chars are stored in\n-\t\t\t\t\t\t\t\t * datetktbl */\n+/*\n+ * Working buffer size for input and output of interval, timestamp, etc.\n+ * Inputs that need more working space will be rejected early. Longer outputs\n+ * will overrun buffers, so this must suffice for all possible output. As of\n+ * this writing, interval_out() needs the most space at ~90 bytes.\n+ */\n+#define MAXDATELEN\t\t128\n+/* maximum possible number of fields in a date string */\n+#define MAXDATEFIELDS\t25\n+/* only this many chars are stored in datetktbl */\n+#define TOKMAXLEN\t\t10\n \n /* keep this struct small; it gets used a lot */\n typedef struct\ndiff --git a/src/interfaces/ecpg/pgtypeslib/datetime.c b/src/interfaces/ecpg/pgtypeslib/datetime.c\nindex 6600759220..a271cdd7d1 100644\n--- a/src/interfaces/ecpg/pgtypeslib/datetime.c\n+++ b/src/interfaces/ecpg/pgtypeslib/datetime.c\n@@ -60,14 +60,14 @@ PGTYPESdate_from_asc(char *str, char **endptr)\n \tint\t\t\tnf;\n \tchar\t *field[MAXDATEFIELDS];\n \tint\t\t\tftype[MAXDATEFIELDS];\n-\tchar\t\tlowstr[MAXDATELEN + 1];\n+\tchar\t\tlowstr[MAXDATELEN + MAXDATEFIELDS];\n \tchar\t *realptr;\n \tchar\t **ptr = (endptr != NULL) ? 
endptr : &realptr;\n \n \tbool\t\tEuroDates = FALSE;\n \n \terrno = 0;\n-\tif (strlen(str) >= sizeof(lowstr))\n+\tif (strlen(str) > MAXDATELEN)\n \t{\n \t\terrno = PGTYPES_DATE_BAD_DATE;\n \t\treturn INT_MIN;\ndiff --git a/src/interfaces/ecpg/pgtypeslib/dt.h b/src/interfaces/ecpg/pgtypeslib/dt.h\nindex d7a1935516..3a50d1410e 100644\n--- a/src/interfaces/ecpg/pgtypeslib/dt.h\n+++ b/src/interfaces/ecpg/pgtypeslib/dt.h\n@@ -192,12 +192,17 @@ typedef double fsec_t;\n #define DTK_DATE_M\t\t(DTK_M(YEAR) | DTK_M(MONTH) | DTK_M(DAY))\n #define DTK_TIME_M\t\t(DTK_M(HOUR) | DTK_M(MINUTE) | DTK_M(SECOND))\n \n-#define MAXDATELEN\t\t63\t\t/* maximum possible length of an input date\n-\t\t\t\t\t\t\t\t * string (not counting tr. null) */\n-#define MAXDATEFIELDS\t25\t\t/* maximum possible number of fields in a date\n-\t\t\t\t\t\t\t\t * string */\n-#define TOKMAXLEN\t\t10\t\t/* only this many chars are stored in\n-\t\t\t\t\t\t\t\t * datetktbl */\n+/*\n+ * Working buffer size for input and output of interval, timestamp, etc.\n+ * Inputs that need more working space will be rejected early. Longer outputs\n+ * will overrun buffers, so this must suffice for all possible output. 
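Review bot: The input bound in PGTYPESdate_from_asc is now `strlen(str) > MAXDATELEN` while the buffer is `lowstr[MAXDATELEN + MAXDATEFIELDS]`, so the check and the buffer size are linked only by convention and no longer by `sizeof`. A comment on the declaration such as `/* ParseDateTime() needs strlen(str) + MAXDATEFIELDS bytes of work space */` would record why the extra MAXDATEFIELDS bytes exist. The interval.c and timestamp.c hunks make the same change to the check, but their `lowstr` declarations are outside the hunks, so it is worth confirming that both are at least this large.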
As of\n+ * this writing, PGTYPESinterval_to_asc() needs the most space at ~90 bytes.\n+ */\n+#define MAXDATELEN\t\t128\n+/* maximum possible number of fields in a date string */\n+#define MAXDATEFIELDS\t25\n+/* only this many chars are stored in datetktbl */\n+#define TOKMAXLEN\t\t10\n \n /* keep this struct small; it gets used a lot */\n typedef struct\ndiff --git a/src/interfaces/ecpg/pgtypeslib/dt_common.c b/src/interfaces/ecpg/pgtypeslib/dt_common.c\nindex 112538ed50..c5d91ed922 100644\n--- a/src/interfaces/ecpg/pgtypeslib/dt_common.c\n+++ b/src/interfaces/ecpg/pgtypeslib/dt_common.c\n@@ -1171,15 +1171,22 @@ DecodeNumberField(int len, char *str, int fmask,\n \tif ((cp = strchr(str, '.')) != NULL)\n \t{\n #ifdef HAVE_INT64_TIMESTAMP\n-\t\tchar\t\tfstr[MAXDATELEN + 1];\n+\t\tchar\t\tfstr[7];\n+\t\tint\t\t\ti;\n+\n+\t\tcp++;\n \n \t\t/*\n \t\t * OK, we have at most six digits to care about. Let's construct a\n-\t\t * string and then do the conversion to an integer.\n+\t\t * string with those digits, zero-padded on the right, and then do\n+\t\t * the conversion to an integer.\n+\t\t *\n+\t\t * XXX This truncates the seventh digit, unlike rounding it as do\n+\t\t * the backend and the !HAVE_INT64_TIMESTAMP case.\n \t\t */\n-\t\tstrcpy(fstr, (cp + 1));\n-\t\tstrcpy(fstr + strlen(fstr), \"000000\");\n-\t\t*(fstr + 6) = '\\0';\n+\t\tfor (i = 0; i < 6; i++)\n+\t\t\tfstr[i] = *cp != '\\0' ? *cp++ : '0';\n+\t\tfstr[i] = '\\0';\n \t\t*fsec = strtol(fstr, NULL, 10);\n #else\n \t\t*fsec = strtod(cp, NULL);\n@@ -1531,15 +1538,22 @@ DecodeTime(char *str, int *tmask, struct tm * tm, fsec_t *fsec)\n \t\telse if (*cp == '.')\n \t\t{\n #ifdef HAVE_INT64_TIMESTAMP\n-\t\t\tchar\t\tfstr[MAXDATELEN + 1];\n+\t\t\tchar\t\tfstr[7];\n+\t\t\tint\t\t\ti;\n+\n+\t\t\tcp++;\n \n \t\t\t/*\n-\t\t\t * OK, we have at most six digits to work with. Let's construct a\n-\t\t\t * string and then do the conversion to an integer.\n+\t\t\t * OK, we have at most six digits to care about. 
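Review bot: The new copy loop in DecodeNumberField takes the next six bytes after the '.' without checking that they are digits, and `strtol` stops at the first non-digit, so a short fraction followed by another character loses its scale. In a constructed example, `.5x` becomes `5x0000` and parses as 5 rather than 500000. Whether such a field can reach this point depends on the callers, which are outside the hunk. Testing the byte, `fstr[i] = isdigit((unsigned char) *cp) ? *cp++ : '0';`, would make the zero padding independent of what follows the digits. The DecodeTime hunk uses the same loop, but there `strtol` also returns an end pointer, so the two sites should not be changed blindly in the same way.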
Let's construct a\n+\t\t\t * string with those digits, zero-padded on the right, and then do\n+\t\t\t * the conversion to an integer.\n+\t\t\t *\n+\t\t\t * XXX This truncates the seventh digit, unlike rounding it as do\n+\t\t\t * the backend and the !HAVE_INT64_TIMESTAMP case.\n \t\t\t */\n-\t\t\tstrncpy(fstr, (cp + 1), 7);\n-\t\t\tstrcpy(fstr + strlen(fstr), \"000000\");\n-\t\t\t*(fstr + 6) = '\\0';\n+\t\t\tfor (i = 0; i < 6; i++)\n+\t\t\t\tfstr[i] = *cp != '\\0' ? *cp++ : '0';\n+\t\t\tfstr[i] = '\\0';\n \t\t\t*fsec = strtol(fstr, &cp, 10);\n #else\n \t\t\tstr = cp;\n@@ -1665,6 +1679,9 @@ DecodePosixTimezone(char *str, int *tzp)\n *\tDTK_NUMBER can hold date fields (yy.ddd)\n *\tDTK_STRING can hold months (January) and time zones (PST)\n *\tDTK_DATE can hold Posix time zones (GMT-8)\n+ *\n+ * The \"lowstr\" work buffer must have at least strlen(timestr) + MAXDATEFIELDS\n+ * bytes of space. On output, field[] entries will point into it.\n */\n int\n ParseDateTime(char *timestr, char *lowstr,\n@@ -1677,7 +1694,10 @@ ParseDateTime(char *timestr, char *lowstr,\n \t/* outer loop through fields */\n \twhile (*(*endstr) != '\\0')\n \t{\n+\t\t/* Record start of current field */\n \t\tfield[nf] = lp;\n+\t\tif (nf >= MAXDATEFIELDS)\n+\t\t\treturn -1;\n \n \t\t/* leading digit? 
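Review bot: After the new loop in DecodeTime, `strtol(fstr, &cp, 10)` overwrites `cp` with a pointer into the seven-byte local `fstr`, so the position the loop had reached in the input string is discarded. Any test of `cp` after the `#endif` (outside the hunk) therefore inspects the copy, and input beyond the sixth fractional digit is never examined. The added XXX comment covers the truncation but not this. I would add `/* NB: cp now points into fstr; input past six fraction digits is not validated */` next to the `strtol` call so the next reader does not assume `cp` still refers to `str`.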
then date or time */\n \t\tif (isdigit((unsigned char) *(*endstr)))\n@@ -1818,8 +1838,6 @@ ParseDateTime(char *timestr, char *lowstr,\n \t\t/* force in a delimiter after each field */\n \t\t*lp++ = '\\0';\n \t\tnf++;\n-\t\tif (nf > MAXDATEFIELDS)\n-\t\t\treturn -1;\n \t}\n \n \t*numfields = nf;\ndiff --git a/src/interfaces/ecpg/pgtypeslib/interval.c b/src/interfaces/ecpg/pgtypeslib/interval.c\nindex 6d0926882e..d0dee16690 100644\n--- a/src/interfaces/ecpg/pgtypeslib/interval.c\n+++ b/src/interfaces/ecpg/pgtypeslib/interval.c\n@@ -1094,7 +1094,7 @@ PGTYPESinterval_from_asc(char *str, char **endptr)\n \ttm->tm_sec = 0;\n \tfsec = 0;\n \n-\tif (strlen(str) >= sizeof(lowstr))\n+\tif (strlen(str) > MAXDATELEN)\n \t{\n \t\terrno = PGTYPES_INTVL_BAD_INTERVAL;\n \t\treturn NULL;\ndiff --git a/src/interfaces/ecpg/pgtypeslib/timestamp.c b/src/interfaces/ecpg/pgtypeslib/timestamp.c\nindex a560af3c38..b0f9bf1521 100644\n--- a/src/interfaces/ecpg/pgtypeslib/timestamp.c\n+++ b/src/interfaces/ecpg/pgtypeslib/timestamp.c\n@@ -294,7 +294,7 @@ PGTYPEStimestamp_from_asc(char *str, char **endptr)\n \tchar\t *realptr;\n \tchar\t **ptr = (endptr != NULL) ? 
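Review bot: In ParseDateTime the store `field[nf] = lp;` still executes before the new `if (nf >= MAXDATEFIELDS) return -1;`. With a 26th field, the pointer is therefore written to `field[MAXDATEFIELDS]`, one element past an array that PGTYPESdate_from_asc declares as `char *field[MAXDATEFIELDS]`. The check should come first: `if (nf >= MAXDATEFIELDS) return -1;` followed by `field[nf] = lp;`. The "26 fields" string added to dt_test2.pgc reaches this path, so running that test under an address-sanitizer build would confirm the ordering. The loop body continues outside the hunk.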
endptr : &realptr;\n \n-\tif (strlen(str) >= sizeof(lowstr))\n+\tif (strlen(str) > MAXDATELEN)\n \t{\n \t\terrno = PGTYPES_TS_BAD_TIMESTAMP;\n \t\treturn (noresult);\ndiff --git a/src/interfaces/ecpg/test/expected/pgtypeslib-dt_test2.c b/src/interfaces/ecpg/test/expected/pgtypeslib-dt_test2.c\nindex d3ebb0e106..0ba1936f1d 100644\n--- a/src/interfaces/ecpg/test/expected/pgtypeslib-dt_test2.c\n+++ b/src/interfaces/ecpg/test/expected/pgtypeslib-dt_test2.c\n@@ -45,6 +45,15 @@ char *dates[] = { \"19990108foobar\",\n \t\t\t\t \"1999.008\",\n \t\t\t\t \"J2451187\",\n \t\t\t\t \"January 8, 99 BC\",\n+\t\t\t\t /*\n+\t\t\t\t * Maximize space usage in ParseDateTime() with 25\n+\t\t\t\t * (MAXDATEFIELDS) fields and 128 (MAXDATELEN) total length.\n+\t\t\t\t */\n+\t\t\t\t \"........................Xaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\"\n+\t\t\t\t \"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\",\n+\t\t\t\t /* 26 fields */\n+\t\t\t\t \".........................aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\"\n+\t\t\t\t \"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\",\n \t\t\t\t NULL };\n \n /* do not conflict with libc \"times\" symbol */\n@@ -52,6 +61,7 @@ static char *times[] = { \"0:04\",\n \t\t\t\t \"1:59 PDT\",\n \t\t\t\t \"13:24:40 -8:00\",\n \t\t\t\t \"13:24:40.495+3\",\n+\t\t\t\t \"13:24:40.123456789+3\",\n \t\t\t\t NULL };\n \n char *intervals[] = { \"1 minute\",\n@@ -73,22 +83,22 @@ main(void)\n \t\t \n \t\t \n \t\n-#line 52 \"dt_test2.pgc\"\n+#line 62 \"dt_test2.pgc\"\n date date1 ;\n \n-#line 53 \"dt_test2.pgc\"\n+#line 63 \"dt_test2.pgc\"\n timestamp ts1 , ts2 ;\n \n-#line 54 \"dt_test2.pgc\"\n+#line 64 \"dt_test2.pgc\"\n char * text ;\n \n-#line 55 \"dt_test2.pgc\"\n+#line 65 \"dt_test2.pgc\"\n interval * i1 ;\n \n-#line 56 \"dt_test2.pgc\"\n+#line 66 \"dt_test2.pgc\"\n date * dc ;\n /* exec sql end declare section */\n-#line 57 \"dt_test2.pgc\"\n+#line 67 \"dt_test2.pgc\"\n \n \n \tint i, j;\ndiff --git 
a/src/interfaces/ecpg/test/expected/pgtypeslib-dt_test2.stdout b/src/interfaces/ecpg/test/expected/pgtypeslib-dt_test2.stdout\nindex 24e9d26dfe..9a4587b498 100644\n--- a/src/interfaces/ecpg/test/expected/pgtypeslib-dt_test2.stdout\n+++ b/src/interfaces/ecpg/test/expected/pgtypeslib-dt_test2.stdout\n@@ -8,85 +8,104 @@ TS[3,0]: 1999-01-08 00:04:00\n TS[3,1]: 1999-01-08 01:59:00\n TS[3,2]: 1999-01-08 13:24:40\n TS[3,3]: 1999-01-08 13:24:40.495\n+TS[3,4]: 1999-01-08 13:24:40.123456\n Date[4]: 1999-01-08 (N - F)\n TS[4,0]: 1999-01-08 00:04:00\n TS[4,1]: 1999-01-08 01:59:00\n TS[4,2]: 1999-01-08 13:24:40\n TS[4,3]: 1999-01-08 13:24:40.495\n+TS[4,4]: 1999-01-08 13:24:40.123456\n Date[5]: 1999-01-08 (N - F)\n TS[5,0]: 1999-01-08 00:04:00\n TS[5,1]: 1999-01-08 01:59:00\n TS[5,2]: 1999-01-08 13:24:40\n TS[5,3]: 1999-01-08 13:24:40.495\n+TS[5,4]: 1999-01-08 13:24:40.123456\n Date[6]: 1999-01-18 (N - F)\n TS[6,0]: 1999-01-18 00:04:00\n TS[6,1]: 1999-01-18 01:59:00\n TS[6,2]: 1999-01-18 13:24:40\n TS[6,3]: 1999-01-18 13:24:40.495\n+TS[6,4]: 1999-01-18 13:24:40.123456\n Date[7]: 2003-01-02 (N - F)\n TS[7,0]: 2003-01-02 00:04:00\n TS[7,1]: 2003-01-02 01:59:00\n TS[7,2]: 2003-01-02 13:24:40\n TS[7,3]: 2003-01-02 13:24:40.495\n+TS[7,4]: 2003-01-02 13:24:40.123456\n Date[8]: 1999-01-08 (N - F)\n TS[8,0]: 1999-01-08 00:04:00\n TS[8,1]: 1999-01-08 01:59:00\n TS[8,2]: 1999-01-08 13:24:40\n TS[8,3]: 1999-01-08 13:24:40.495\n+TS[8,4]: 1999-01-08 13:24:40.123456\n Date[9]: 1999-01-08 (N - F)\n TS[9,0]: 1999-01-08 00:04:00\n TS[9,1]: 1999-01-08 01:59:00\n TS[9,2]: 1999-01-08 13:24:40\n TS[9,3]: 1999-01-08 13:24:40.495\n+TS[9,4]: 1999-01-08 13:24:40.123456\n Date[10]: 1999-01-08 (N - F)\n TS[10,0]: 1999-01-08 00:04:00\n TS[10,1]: 1999-01-08 01:59:00\n TS[10,2]: 1999-01-08 13:24:40\n TS[10,3]: 1999-01-08 13:24:40.495\n+TS[10,4]: 1999-01-08 13:24:40.123456\n Date[11]: 1999-01-08 (N - F)\n TS[11,0]: 1999-01-08 00:04:00\n TS[11,1]: 1999-01-08 01:59:00\n TS[11,2]: 1999-01-08 13:24:40\n TS[11,3]: 
1999-01-08 13:24:40.495\n+TS[11,4]: 1999-01-08 13:24:40.123456\n Date[12]: 1999-01-08 (N - F)\n TS[12,0]: 1999-01-08 00:04:00\n TS[12,1]: 1999-01-08 01:59:00\n TS[12,2]: 1999-01-08 13:24:40\n TS[12,3]: 1999-01-08 13:24:40.495\n+TS[12,4]: 1999-01-08 13:24:40.123456\n Date[13]: 2006-01-08 (N - F)\n TS[13,0]: 2006-01-08 00:04:00\n TS[13,1]: 2006-01-08 01:59:00\n TS[13,2]: 2006-01-08 13:24:40\n TS[13,3]: 2006-01-08 13:24:40.495\n+TS[13,4]: 2006-01-08 13:24:40.123456\n Date[14]: 1999-01-08 (N - F)\n TS[14,0]: 1999-01-08 00:04:00\n TS[14,1]: 1999-01-08 01:59:00\n TS[14,2]: 1999-01-08 13:24:40\n TS[14,3]: 1999-01-08 13:24:40.495\n+TS[14,4]: 1999-01-08 13:24:40.123456\n Date[15]: 1999-01-08 (N - F)\n TS[15,0]: 1999-01-08 00:04:00\n TS[15,1]: 1999-01-08 01:59:00\n TS[15,2]: 1999-01-08 13:24:40\n TS[15,3]: 1999-01-08 13:24:40.495\n+TS[15,4]: 1999-01-08 13:24:40.123456\n Date[16]: 1999-01-08 (N - F)\n TS[16,0]: 1999-01-08 00:04:00\n TS[16,1]: 1999-01-08 01:59:00\n TS[16,2]: 1999-01-08 13:24:40\n TS[16,3]: 1999-01-08 13:24:40.495\n+TS[16,4]: 1999-01-08 13:24:40.123456\n Date[17]: 1999-01-08 (N - F)\n TS[17,0]: 1999-01-08 00:04:00\n TS[17,1]: 1999-01-08 01:59:00\n TS[17,2]: 1999-01-08 13:24:40\n TS[17,3]: 1999-01-08 13:24:40.495\n+TS[17,4]: 1999-01-08 13:24:40.123456\n Date[18]: 1999-01-08 (N - F)\n TS[18,0]: 1999-01-08 00:04:00\n TS[18,1]: 1999-01-08 01:59:00\n TS[18,2]: 1999-01-08 13:24:40\n TS[18,3]: 1999-01-08 13:24:40.495\n+TS[18,4]: 1999-01-08 13:24:40.123456\n Date[19]: 0099-01-08 BC (N - F)\n TS[19,0]: 0099-01-08 00:04:00 BC\n TS[19,1]: 0099-01-08 01:59:00 BC\n TS[19,2]: 0099-01-08 13:24:40 BC\n+TS[19,4]: 0099-01-08 13:24:40.123456 BC\n+Date[20]: - (N - T)\n+Date[21]: - (N - T)\n interval[0]: @ 1 min\n interval_copy[0]: @ 1 min\n interval[1]: @ 1 day 12 hours 59 mins 10 secs\ndiff --git a/src/interfaces/ecpg/test/pgtypeslib/dt_test2.pgc b/src/interfaces/ecpg/test/pgtypeslib/dt_test2.pgc\nindex 0edf012fd1..a127dd93a6 100644\n--- 
a/src/interfaces/ecpg/test/pgtypeslib/dt_test2.pgc\n+++ b/src/interfaces/ecpg/test/pgtypeslib/dt_test2.pgc\n@@ -27,6 +27,15 @@ char *dates[] = { \"19990108foobar\",\n \t\t\t\t \"1999.008\",\n \t\t\t\t \"J2451187\",\n \t\t\t\t \"January 8, 99 BC\",\n+\t\t\t\t /*\n+\t\t\t\t * Maximize space usage in ParseDateTime() with 25\n+\t\t\t\t * (MAXDATEFIELDS) fields and 128 (MAXDATELEN) total length.\n+\t\t\t\t */\n+\t\t\t\t \"........................Xaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\"\n+\t\t\t\t \"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\",\n+\t\t\t\t /* 26 fields */\n+\t\t\t\t \".........................aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\"\n+\t\t\t\t \"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\",\n \t\t\t\t NULL };\n \n /* do not conflict with libc \"times\" symbol */\n@@ -34,6 +43,7 @@ static char *times[] = { \"0:04\",\n \t\t\t\t \"1:59 PDT\",\n \t\t\t\t \"13:24:40 -8:00\",\n \t\t\t\t \"13:24:40.495+3\",\n+\t\t\t\t \"13:24:40.123456789+3\",\n \t\t\t\t NULL };\n \n char *intervals[] = { \"1 minute\",\ndiff --git a/src/test/regress/expected/interval.out b/src/test/regress/expected/interval.out\nindex 3bf221187b..99fd0ca490 100644\n--- a/src/test/regress/expected/interval.out\n+++ b/src/test/regress/expected/interval.out\n@@ -306,6 +306,13 @@ select '4 millenniums 5 centuries 4 decades 1 year 4 months 4 days 17 minutes 31\n @ 4541 years 4 mons 4 days 17 mins 31 secs\n (1 row)\n \n+-- test long interval output\n+select '100000000y 10mon -1000000000d -1000000000h -10min -10.000001s ago'::interval;\n+ interval \n+-------------------------------------------------------------------------------------------\n+ @ 100000000 years 10 mons -1000000000 days -1000000000 hours -10 mins -10.000001 secs ago\n+(1 row)\n+\n -- test justify_hours() and justify_days()\n SELECT justify_hours(interval '6 months 3 days 52 hours 3 minutes 2 seconds') as \"6 mons 5 days 4 hours 3 mins 2 seconds\";\n 6 mons 5 days 4 hours 3 mins 2 seconds 
\ndiff --git a/src/test/regress/sql/interval.sql b/src/test/regress/sql/interval.sql\nindex f1da4c2911..7cee2864de 100644\n--- a/src/test/regress/sql/interval.sql\n+++ b/src/test/regress/sql/interval.sql\n@@ -108,6 +108,8 @@ select avg(f1) from interval_tbl;\n -- test long interval input\n select '4 millenniums 5 centuries 4 decades 1 year 4 months 4 days 17 minutes 31 seconds'::interval;\n \n+-- test long interval output\n+select '100000000y 10mon -1000000000d -1000000000h -10min -10.000001s ago'::interval;\n \n -- test justify_hours() and justify_days()\n \n-- \n2.30.2\n", "Many server functions use the MAXDATELEN constant to size a buffer for\nparsing or displaying a datetime value. It was much too small for the\nlongest possible interval output and slightly too small for certain\nvalid timestamp input, particularly input with a long timezone name.\nThe long input was rejected needlessly; the long output caused\ninterval_out() to overrun its buffer. ECPG's pgtypes library has a copy\nof the vulnerable functions, which bore the same vulnerabilities along\nwith some of its own. In contrast to the server, certain long inputs\ncaused stack overflow rather than failing cleanly. 
Back-patch to 8.4\n(all supported versions).\n\nReported by Daniel SchAssler, reviewed by Tom Lane.\n\nSecurity: CVE-2014-0063" ], [ "diff --git a/src/lxc/lxclock.c b/src/lxc/lxclock.c\nindex fe13898df9..e9e95f7a01 100644\n--- a/src/lxc/lxclock.c\n+++ b/src/lxc/lxclock.c\n@@ -103,13 +103,13 @@ static char *lxclock_name(const char *p, const char *n)\n \tchar *rundir;\n \n \t/* lockfile will be:\n-\t * \"/run\" + \"/lock/lxc/$lxcpath/$lxcname + '\\0' if root\n+\t * \"/run\" + \"/lxc/lock/$lxcpath/$lxcname + '\\0' if root\n \t * or\n-\t * $XDG_RUNTIME_DIR + \"/lock/lxc/$lxcpath/$lxcname + '\\0' if non-root\n+\t * $XDG_RUNTIME_DIR + \"/lxc/lock/$lxcpath/$lxcname + '\\0' if non-root\n \t */\n \n-\t/* length of \"/lock/lxc/\" + $lxcpath + \"/\" + \".\" + $lxcname + '\\0' */\n-\tlen = strlen(\"/lock/lxc/\") + strlen(n) + strlen(p) + 3;\n+\t/* length of \"/lxc/lock/\" + $lxcpath + \"/\" + \".\" + $lxcname + '\\0' */\n+\tlen = strlen(\"/lxc/lock/\") + strlen(n) + strlen(p) + 3;\n \trundir = get_rundir();\n \tif (!rundir)\n \t\treturn NULL;\n@@ -120,7 +120,7 @@ static char *lxclock_name(const char *p, const char *n)\n \t\treturn NULL;\n \t}\n \n-\tret = snprintf(dest, len, \"%s/lock/lxc/%s\", rundir, p);\n+\tret = snprintf(dest, len, \"%s/lxc/lock/%s\", rundir, p);\n \tif (ret < 0 || ret >= len) {\n \t\tfree(dest);\n \t\tfree(rundir);\n@@ -128,40 +128,13 @@ static char *lxclock_name(const char *p, const char *n)\n \t}\n \tret = mkdir_p(dest, 0755);\n \tif (ret < 0) {\n-\t\t/* fall back to \"/tmp/\" + $(id -u) + \"/lxc\" + $lxcpath + \"/\" + \".\" + $lxcname + '\\0'\n-\t\t * * maximum length of $(id -u) is 10 calculated by (log (2 ** (sizeof(uid_t) * 8) - 1) / log 10 + 1)\n-\t\t * * lxcpath always starts with '/'\n-\t\t */\n-\t\tint l2 = 22 + strlen(n) + strlen(p);\n-\t\tif (l2 > len) {\n-\t\t\tchar *d;\n-\t\t\td = realloc(dest, l2);\n-\t\t\tif (!d) {\n-\t\t\t\tfree(dest);\n-\t\t\t\tfree(rundir);\n-\t\t\t\treturn NULL;\n-\t\t\t}\n-\t\t\tlen = l2;\n-\t\t\tdest = 
d;\n-\t\t}\n-\t\tret = snprintf(dest, len, \"/tmp/%d/lxc%s\", geteuid(), p);\n-\t\tif (ret < 0 || ret >= len) {\n-\t\t\tfree(dest);\n-\t\t\tfree(rundir);\n-\t\t\treturn NULL;\n-\t\t}\n-\t\tret = mkdir_p(dest, 0755);\n-\t\tif (ret < 0) {\n-\t\t\tfree(dest);\n-\t\t\tfree(rundir);\n-\t\t\treturn NULL;\n-\t\t}\n-\t\tret = snprintf(dest, len, \"/tmp/%d/lxc%s/.%s\", geteuid(), p, n);\n-\t} else\n-\t\tret = snprintf(dest, len, \"%s/lock/lxc/%s/.%s\", rundir, p, n);\n+\t\tfree(dest);\n+\t\tfree(rundir);\n+\t\treturn NULL;\n+\t}\n \n+\tret = snprintf(dest, len, \"%s/lxc/lock/%s/.%s\", rundir, p, n);\n \tfree(rundir);\n-\n \tif (ret < 0 || ret >= len) {\n \t\tfree(dest);\n \t\treturn NULL;\ndiff --git a/src/tests/locktests.c b/src/tests/locktests.c\nindex dd3393a893..233ca127c6 100644\n--- a/src/tests/locktests.c\n+++ b/src/tests/locktests.c\n@@ -122,7 +122,7 @@ int main(int argc, char *argv[])\n \t\texit(1);\n \t}\n \tstruct stat sb;\n-\tchar *pathname = RUNTIME_PATH \"/lock/lxc/var/lib/lxc/\";\n+\tchar *pathname = RUNTIME_PATH \"/lxc/lock/var/lib/lxc/\";\n \tret = stat(pathname, &sb);\n \tif (ret != 0) {\n \t\tfprintf(stderr, \"%d: filename %s not created\\n\", __LINE__,\n", "lxclock: use /run/lxc/lock rather than /run/lock/lxc\nThis prevents an unprivileged user to use LXC to create arbitrary file\non the filesystem.\n\nSigned-off-by: Serge Hallyn \nSigned-off-by: Tyler Hicks \nAcked-by: Stephane Graber " ] ]
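Review bot: The failure branch after `mkdir_p(dest, 0755)` in lxclock_name now simply returns NULL, with nothing in the code to say why the `/tmp/$(id -u)` fallback was dropped, which invites someone to reinstate it later. A comment there such as `/* deliberately no fallback to /tmp: lock paths must stay under the run directory */` would carry the reasoning from the commit message into the source. Separately, `p` and `n` are formatted into the path unchanged by `snprintf(dest, len, "%s/lxc/lock/%s/.%s", rundir, p, n)`. Whether callers reject `..` components in either value is not visible here, so that is worth confirming. The function starts outside this hunk.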