From 109689586ef0fafaeaef422677c67f026082dc44 Mon Sep 17 00:00:00 2001
From: Daniele Varrazzo
Date: Mon, 22 Apr 2013 00:48:53 +0100
Subject: [PATCH] Fixed access to uninit'd mem in repack_indexdef

If the tablespace is the last token in the indexdef, skip_ident returns a pointer *after* the term zero, so garbage may end up after the statement.
---
 lib/repack.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/lib/repack.c b/lib/repack.c
index 19cb089..125acce 100644
--- a/lib/repack.c
+++ b/lib/repack.c
@@ -662,12 +662,13 @@ repack_indexdef(PG_FUNCTION_ARGS)
 else
 {
 /* tablespace is to replace */
- char *tmp;
+ char *tmp, *limit;
+ limit = strchr(stmt.options, '\0');
 tmp = skip_const(index, stmt.options, " TABLESPACE", NULL);
 appendStringInfoString(&str, stmt.options);
 appendStringInfo(&str, " %s", NameStr(*tablespace));
 tmp = skip_ident(index, tmp);
- if (*tmp)
+ if (tmp < limit)
 appendStringInfo(&str, " %s", tmp);
 }
 }
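Review bot: The new `if (tmp < limit)` guard is only correct because `limit` is captured before `skip_const` runs, and nothing in the hunk records that ordering requirement. Judging from the `appendStringInfoString(&str, stmt.options)` call that follows, skip_const appears to terminate the buffer in place, so moving the `strchr` line below it would silently bring back the read past the terminator; a comment such as `/* end of the original buffer; must be taken before skip_const() cuts the string */` above `limit = strchr(...)` would protect it. The over-read originates in skip_ident returning a pointer past the terminating zero (per the commit message), so any other caller that tests `*tmp` on its result presumably has the same out-of-bounds read and is worth auditing, or skip_ident itself could be made to stop at the terminator. The body of repack_indexdef starts and ends outside the hunk, so those other call sites are not visible here.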