Quick Links

Re: pg_cryptohash_final possible out-of-bounds access (per Coverity)

From:	Michael Paquier <michael(at)paquier(dot)xyz>
To:	Ranier Vilela <ranier(dot)vf(at)gmail(dot)com>
Cc:	Kyotaro Horiguchi <horikyota(dot)ntt(at)gmail(dot)com>, Pg Hackers <pgsql-hackers(at)postgresql(dot)org>
Subject:	Re: pg_cryptohash_final possible out-of-bounds access (per Coverity)
Date:	2021-02-15 01:28:19
Message-ID:	YCnOM2bt+T1Tf4aG@paquier.xyz
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-hackers

On Sun, Feb 14, 2021 at 11:39:47AM -0300, Ranier Vilela wrote:
> What do you think?

That's not a good idea for two reasons:
1) There is CRC32 to worry about, which relies on a different logic.
2) It would become easier to miss the new option as compilation would
not warn anymore if a new checksum type is added.

I have reviewed my patch this morning, tweaked a comment, and applied
it.
--
Michael

In response to

Re: pg_cryptohash_final possible out-of-bounds access (per Coverity) at 2021-02-14 14:39:47 from Ranier Vilela

Responses

Re: pg_cryptohash_final possible out-of-bounds access (per Coverity) at 2021-02-15 13:58:42 from Ranier Vilela

Browse pgsql-hackers by date

	From	Date	Subject
Next Message	Thomas Munro	2021-02-15 01:33:00	Re: shared tempfile was not removed on statement_timeout
Previous Message	Thomas Munro	2021-02-15 01:19:45	Re: doing something about the broken dynloader.h symlink