From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
---|---|
To: | pgsql-committers(at)lists(dot)postgresql(dot)org |
Subject: | pgsql: Guard against enormously long input in pg_saslprep(). |
Date: | 2024-10-28 18:39:09 |
Message-ID: | E1t5Udy-002snQ-BX@gemulon.postgresql.org |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-committers |
Guard against enormously long input in pg_saslprep().
Coverity complained that pg_saslprep() could suffer integer overflow,
leading to under-allocation of the output buffer, if the input string
exceeds SIZE_MAX/4. This hazard seems largely hypothetical, but it's
easy enough to defend against, so let's do so.
This patch creates a third place in src/common/ where we are locally
defining MaxAllocSize so that we can test against that in the same way
in backend and frontend compiles. That seems like about two places
too many, so the next patch will move that into common/fe_memutils.h.
I'm hesitant to do that in back branches however.
Back-patch to v14. The code looks similar in older branches, but
before commit 67a472d71 there was a separate test on the input string
length that prevented this hazard.
Per Coverity report.
Branch
------
REL_17_STABLE
Details
-------
https://git.postgresql.org/pg/commitdiff/e631ed89c2e58464d3969badf2d5d065411b93f0
Modified Files
--------------
src/common/saslprep.c | 7 +++++++
1 file changed, 7 insertions(+)
From | Date | Subject | |
---|---|---|---|
Next Message | Alexander Korotkov | 2024-10-28 19:42:52 | Re: pgsql: Implement pg_wal_replay_wait() stored procedure |
Previous Message | Alexander Korotkov | 2024-10-28 18:35:02 | Re: pgsql: Implement pg_wal_replay_wait() stored procedure |