Re: Found a buffer-overflow defect in asynchronous database connection API PQconnectPoll

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Sudheer H R <sudheer(dot)hr(at)tekenlight(dot)com>
Cc: pgsql-bugs(at)lists(dot)postgresql(dot)org
Subject: Re: Found a buffer-overflow defect in asynchronous database connection API PQconnectPoll
Date: 2021-06-23 18:03:50
Message-ID: 2338837.1624471430@sss.pgh.pa.us
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-bugs

I wrote:
> Hmph. I can't reproduce this on RHEL8: so far as I can tell, the string
> is physically null-terminated, and clang's address sanitizer doesn't
> complain either. Still, given the vagueness of the spec for
> gss_display_status, it seems wise to not assume that every GSS
> implementation acts the same.

I've committed fixes to make our code rely on the returned length
field instead. Hopefully that won't expose any new bugs in other
GSS implementations :-(

regards, tom lane

In response to

Responses

Browse pgsql-bugs by date

  From Date Subject
Next Message Tom Lane 2021-06-23 19:20:08 Re: BUG #17071: ORDER BY gets ignored when result set has only one row, but another one gets added by rollup()
Previous Message Tom Lane 2021-06-23 16:02:40 Re: Found a buffer-overflow defect in asynchronous database connection API PQconnectPoll