[SECURITY] DoS attack on backend possible (was: Re: [COMMITTERS] pgsql-server/src)

From: Florian Weimer <Weimer(at)CERT(dot)Uni-Stuttgart(dot)DE>
To: pgsql-hackers(at)postgresql(dot)org
Subject: [SECURITY] DoS attack on backend possible (was: Re: [COMMITTERS] pgsql-server/src)
Date: 2002-08-09 19:50:04
Message-ID: 87n0rv7qxf.fsf_-_@CERT.Uni-Stuttgart.DE
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-committers pgsql-hackers

Florian Weimer <Weimer(at)CERT(dot)Uni-Stuttgart(dot)DE> writes:

> Neil Conway <nconway(at)klamath(dot)dyndns(dot)org> writes:
>
>> Thomas can correct me if I'm mistaken, but I believe these changes apply
>> to the new integer datetime code
>
> No, it's possible to crash the backend in 7.2, too.

And 7.2.1, of course.

Let me ask again: Do you plan to address this in an update for 7.2.1?

--
Florian Weimer Weimer(at)CERT(dot)Uni-Stuttgart(dot)DE
University of Stuttgart http://CERT.Uni-Stuttgart.DE/people/fw/
RUS-CERT fax +49-711-685-5898

In response to

Responses

Browse pgsql-committers by date

  From Date Subject
Next Message Justin Clift 2002-08-09 19:59:45 Re: [SECURITY] DoS attack on backend possible (was: Re:
Previous Message Tom Lane 2002-08-09 18:06:57 pgsql-server/src/bin/psql describe.c

Browse pgsql-hackers by date

  From Date Subject
Next Message Justin Clift 2002-08-09 19:59:45 Re: [SECURITY] DoS attack on backend possible (was: Re:
Previous Message Teodor Sigaev 2002-08-09 18:45:27 Please, apply another patch to contrib/ltree