| From: | Robert Haas <robertmhaas(at)gmail(dot)com> |
|---|---|
| To: | Heikki Linnakangas <hlinnaka(at)iki(dot)fi> |
| Cc: | "pgsql-hackers(at)postgresql(dot)org" <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Thread-unsafe MD5 on big-endian systems with no OpenSSL |
| Date: | 2024-08-06 14:04:58 |
| Message-ID: | CA+TgmobCwNGU+CKUruJQ_F1+++c9f+P0bh2An2sUO-bKSEC1Sg@mail.gmail.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Tue, Aug 6, 2024 at 8:23 AM Heikki Linnakangas <hlinnaka(at)iki(dot)fi> wrote:
> While browsing through all our global variables for the multithreading
> effort, I noticed that our MD5 implementation in src/common/md5.c uses a
> static buffer on big-endian systems, which makes it not thread-safe.
> That's a bug because that function is also used in libpq.
>
> This was introduced in commit b67b57a966, which replaced the old MD5
> fallback implementation with the one from pgcrypto. The thread-safety
> didn't matter for pgcrypto, but for libpq it does.
>
> This only affects big-endian systems that are compiled without OpenSSL.
LGTM.
--
Robert Haas
EDB: http://www.enterprisedb.com
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2024-08-06 14:20:36 | Re: Fix comments in instr_time.h and remove an unneeded cast to int64 |
| Previous Message | Robert Haas | 2024-08-06 14:02:15 | Re: Detailed release notes |