From: | tgl(at)postgresql(dot)org (Tom Lane) |
---|---|
To: | pgsql-committers(at)postgresql(dot)org |
Subject: | pgsql: Fix combo_decrypt() to throw an error for zero-length input when |
Date: | 2007-08-23 16:16:05 |
Message-ID: | 20070823161605.8EDBF7541FB@cvs.postgresql.org |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-committers |
Log Message:
-----------
Fix combo_decrypt() to throw an error for zero-length input when using a
padded encryption scheme. Formerly it would try to access res[(unsigned) -1],
which resulted in core dumps on 64-bit machines, and was certainly trouble
waiting to happen on 32-bit machines (though in at least the known case
it was harmless because that byte would be overwritten after return).
Per report from Ken Colson; fix by Marko Kreen.
Tags:
----
REL8_1_STABLE
Modified Files:
--------------
pgsql/contrib/pgcrypto:
px.c (r1.15 -> r1.15.2.1)
(http://developer.postgresql.org/cvsweb.cgi/pgsql/contrib/pgcrypto/px.c?r1=1.15&r2=1.15.2.1)
px.h (r1.16 -> r1.16.2.1)
(http://developer.postgresql.org/cvsweb.cgi/pgsql/contrib/pgcrypto/px.h?r1=1.16&r2=1.16.2.1)
From | Date | Subject | |
---|---|---|---|
Next Message | Tom Lane | 2007-08-23 16:16:11 | pgsql: Fix combo_decrypt() to throw an error for zero-length input when |
Previous Message | Tom Lane | 2007-08-23 16:15:57 | pgsql: Fix combo_decrypt() to throw an error for zero-length input when |