]> git.ipfire.org Git - thirdparty/postgresql.git/commit
projects / thirdparty / postgresql.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 1c8336e) | patch
pgcrypto: Fix check for buffer size
authorDaniel Gustafsson <dgustafsson@postgresql.org>
Tue, 30 Jan 2024 10:15:46 +0000 (11:15 +0100)
committerDaniel Gustafsson <dgustafsson@postgresql.org>
Tue, 30 Jan 2024 10:15:46 +0000 (11:15 +0100)
commit5d726c72cd0f6b13842896058151bac5f68b4100
treea062c58d092e5ea7f8c665c152607316c8f36a27tree | snapshot
parent1c8336e3e2f35e3968f73afc3a78ff34aaa523e2commit | diff
pgcrypto: Fix check for buffer size

The code copying the PGP block into the temp buffer failed to
account for the extra 2 bytes in the buffer which are needed
for the prefix. If the block was oversized, subsequent checks
of the prefix would have exceeded the buffer size.  Since the
block sizes are hardcoded in the list of supported ciphers it
can be verified that there is no live bug here. Backpatch all
the way for consistency though, as this bug is old.

Author: Mikhail Gribkov <youzhick@gmail.com>
Discussion: https://postgr.es/m/CAMEv5_uWvcMCMdRFDsJLz2Q8g16HEa9xWyfrkr+FYMMFJhawOw@mail.gmail.com
Backpatch-through: v12
contrib/pgcrypto/pgp-decrypt.c diff | blob | blame | history
Mirror of https://git.postgresql.org/git/postgresql.git