From: | Kyotaro Horiguchi <horikyota(dot)ntt(at)gmail(dot)com> |
---|---|
To: | ranier(dot)vf(at)gmail(dot)com |
Cc: | pgsql-hackers(at)postgresql(dot)org |
Subject: | Re: pg_cryptohash_final possible out-of-bounds access (per Coverity) |
Date: | 2021-02-10 03:13:44 |
Message-ID: | 20210210.121344.243289801471383380.horikyota.ntt@gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
At Tue, 9 Feb 2021 22:01:45 -0300, Ranier Vilela <ranier(dot)vf(at)gmail(dot)com> wrote in
> Hi Hackers,
>
> Per Coverity.
>
> Coverity complaints about pg_cryptohash_final function.
> And I agree with Coverity, it's a bad design.
> Its allows this:
>
> #define MY_RESULT_LENGTH 32
>
> function pgtest(char * buffer, char * text) {
> pg_cryptohash_ctx *ctx;
> uint8 digest[MY_RESULT_LENGTH];
>
> ctx = pg_cryptohash_create(PG_SHA512);
> pg_cryptohash_init(ctx);
> pg_cryptohash_update(ctx, (uint8 *) buffer, text);
> pg_cryptohash_final(ctx, digest); // <-- CID 1446240 (#1 of 1):
> Out-of-bounds access (OVERRUN)
> pg_cryptohash_free(ctx);
> return
> }
>
> Attached has a patch with suggestions to make things better.
I'm not sure about the details, but it looks like broken.
make complains for inconsistent prototypes abd cryptohahs.c and sha1.c
doesn't seem to agree on its interface.
regards.
--
Kyotaro Horiguchi
NTT Open Source Software Center
From | Date | Subject | |
---|---|---|---|
Next Message | Kyotaro Horiguchi | 2021-02-10 03:16:59 | Re: pg_cryptohash_final possible out-of-bounds access (per Coverity) |
Previous Message | Kyotaro Horiguchi | 2021-02-10 02:49:52 | Re: Is Recovery actually paused? |