Replace static buf with a stack-allocated one in 'seg' extension

The buffer is used only locally within the function. Also, the
initialization to '0' characters was unnecessary, the initial content
were always overwritten with sprintf(). I don't understand why it was
done that way, but it's been like that since forever.

In the passing, change from sprintf() to snprintf(). The buffer was
long enough so sprintf() was fine, but this makes it more obvious that
there's no risk of a buffer overflow.

Reviewed-by: Robert Haas
Discussion: https://www.postgresql.org/message-id/7f86e06a-98c5-4ce3-8ec9-3885c8de0358@iki.fi

diff --git a/contrib/seg/segparse.y b/contrib/seg/segparse.y
index 729d4b6390b0a606016db7dbc352bcede1364180..9635c3af6e62713e0a05fdc03fcf4df4fcf03cea 100644 (file)
--- a/contrib/seg/segparse.y
+++ b/contrib/seg/segparse.y
@@ -29,14 +29,6 @@ static bool seg_atof(char *value, float *result, struct Node *escontext);
 
 static int sig_digits(const char *value);
 
-static char strbuf[25] = {
-   '0', '0', '0', '0', '0',
-   '0', '0', '0', '0', '0',
-   '0', '0', '0', '0', '0',
-   '0', '0', '0', '0', '0',
-   '0', '0', '0', '0', '\0'
-};
-
 %}
 
 /* BISON Declarations */
@@ -69,11 +61,13 @@ static char strbuf[25] = {
 
 range: boundary PLUMIN deviation
    {
+       char        strbuf[25];
+
        result->lower = $1.val - $3.val;
        result->upper = $1.val + $3.val;
-       sprintf(strbuf, "%g", result->lower);
+       snprintf(strbuf, sizeof(strbuf), "%g", result->lower);
        result->l_sigd = Max(sig_digits(strbuf), Max($1.sigd, $3.sigd));
-       sprintf(strbuf, "%g", result->upper);
+       snprintf(strbuf, sizeof(strbuf), "%g", result->upper);
        result->u_sigd = Max(sig_digits(strbuf), Max($1.sigd, $3.sigd));
        result->l_ext = '\0';
        result->u_ext = '\0';