Re: fix for palloc() of user-supplied length

----- Original Message -----
From: "Bruce Momjian" <pgman(at)candle(dot)pha(dot)pa(dot)us>
Sent: September 02, 2002 1:05 AM

> Would someone submit a patch for this?

Working on it.

-s

> Tom Lane wrote:
> > Neil Conway <neilc(at)samurai(dot)com> writes:
> > > (2) The length supplied by the user is completely ignored by
> > > the code, and it simply reads the input until it sees a
> > > NULL terminator (read the comments in the code about 10
> > > lines down.) Therefore, any sanity checking on the length
> > > specified by the user is a waste of time.
> >
> > Agreed; the fact that the protocol requires a length word at all is just
> > a hangover from the past. We can read the length word and forget it.
> >
> > I wonder though if it'd be worthwhile to limit the length of the string
> > that we are willing to read from the client in the second step. We are
> > at this point dealing with an unauthenticated user, so we should be
> > untrusting. And I think Sir Mordred has a point: forcing a backend to
> > allocate a lot of memory can be a form of DoS attack.
> >
> > regards, tom lane