From: | Ranier Vilela <ranier(dot)vf(at)gmail(dot)com> |
---|---|
To: | Michael Paquier <michael(at)paquier(dot)xyz> |
Cc: | Kyotaro Horiguchi <horikyota(dot)ntt(at)gmail(dot)com>, Pg Hackers <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: pg_cryptohash_final possible out-of-bounds access (per Coverity) |
Date: | 2021-02-14 00:33:48 |
Message-ID: | CAEudQAqg_rfJvx6U+Ys4hmwVvgOssRAhBX2vRkzRYBrCtxZezg@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
Em sáb., 13 de fev. de 2021 às 20:32, Michael Paquier <michael(at)paquier(dot)xyz>
escreveu:
> On Sat, Feb 13, 2021 at 05:37:32PM -0300, Ranier Vilela wrote:
> > IMO there is no necessity in back-patching.
>
> You are missing the point here. What you are proposing here would not
> be backpatched. However, reusing the same words as upthread, this has
> a cost in terms of *future* maintenance. In short, any *future*
> potential bug fix that would require to be backpatched in need of
> using this function or touching its area would result in a conflict.
>
Ok. +1 for back-patching.
Any future maintenance, or use of that functions, need to consult the api.
scram_HMAC_init(scram_HMAC_ctx *ctx, const uint8 *key, int keylen);
scram_HMAC_update(scram_HMAC_ctx *ctx, const char *str, int slen);
scram_HMAC_final(uint8 *result, scram_HMAC_ctx *ctx);
See both "result" and "ctx" are pointers.
Someone can use like this:
scram_HMAC_init(&ctx, key, keylen);
scram_HMAC_update(&ctx, str, slen);
scram_HMAC_final(&ctx, result); // parameters wrong order
And many compilers won't complain.
regards,
Ranier Vilela
From | Date | Subject | |
---|---|---|---|
Next Message | Alexander Korotkov | 2021-02-14 00:42:28 | Re: Detecting pointer misalignment (was Re: pgsql: Implementation of subscripting for jsonb) |
Previous Message | Michael Paquier | 2021-02-13 23:32:03 | Re: pg_cryptohash_final possible out-of-bounds access (per Coverity) |