| From: | Daniel Gustafsson <dgustafsson(at)postgresql(dot)org> |
|---|---|
| To: | pgsql-committers(at)lists(dot)postgresql(dot)org |
| Subject: | pgsql: pgcrypto: Fix check for buffer size |
| Date: | 2024-01-30 10:28:09 |
| Message-ID: | E1rUlLd-003pPo-T0@gemulon.postgresql.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-committers |
pgcrypto: Fix check for buffer size
The code copying the PGP block into the temp buffer failed to
account for the extra 2 bytes in the buffer which are needed
for the prefix. If the block was oversized, subsequent checks
of the prefix would have exceeded the buffer size. Since the
block sizes are hardcoded in the list of supported ciphers it
can be verified that there is no live bug here. Backpatch all
the way for consistency though, as this bug is old.
Author: Mikhail Gribkov <youzhick(at)gmail(dot)com>
Discussion: https://postgr.es/m/CAMEv5_uWvcMCMdRFDsJLz2Q8g16HEa9xWyfrkr+FYMMFJhawOw@mail.gmail.com
Backpatch-through: v12
Branch
------
REL_13_STABLE
Details
-------
https://git.postgresql.org/pg/commitdiff/375d30bcbbd07eb82144533fd4a30640af680e81
Modified Files
--------------
contrib/pgcrypto/pgp-decrypt.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Daniel Gustafsson | 2024-01-30 10:28:20 | pgsql: pgcrypto: Fix check for buffer size |
| Previous Message | Daniel Gustafsson | 2024-01-30 10:28:01 | pgsql: pgcrypto: Fix check for buffer size |