git.ipfire.org Git - thirdparty/postgresql.git/commit

author	Heikki Linnakangas <heikki.linnakangas@iki.fi>
	Mon, 11 May 2026 12:13:49 +0000 (05:13 -0700)
committer	Noah Misch <noah@leadboat.com>
	Mon, 11 May 2026 12:13:49 +0000 (05:13 -0700)
commit	1604939b2210b93e34572ee6df499d103849c53e
tree	c6663af7883e4c368556f20ede034a75569fd88a	tree \| snapshot
parent	5c1069c35b49227f955735ea5f2a2ee1c9c48a63	commit \| diff

Add timingsafe_bcmp(), for constant-time memory comparison

timingsafe_bcmp() should be used instead of memcmp() or a naive
for-loop, when comparing passwords or secret tokens, to avoid leaking
information about the secret token by timing. This commit just
introduces the function but does not change any existing code to use
it yet.

This has been initially applied as of 09be39112654 in v18 and newer
versions, and will be used in all the stable branches for an upcoming
fix.

Co-authored-by: Jelte Fennema-Nio <github-tech@jeltef.nl>
Discussion: https://www.postgresql.org/message-id/7b86da3b-9356-4e50-aa1b-56570825e234@iki.fi
Security: CVE-2026-6478
Backpatch-through: 14

configure		diff \| blob \| blame \| history
configure.ac		diff \| blob \| blame \| history
meson.build		diff \| blob \| blame \| history
src/include/pg_config.h.in		diff \| blob \| blame \| history
src/include/port.h		diff \| blob \| blame \| history
src/port/meson.build		diff \| blob \| blame \| history
src/port/timingsafe_bcmp.c	[new file with mode: 0644]	blob
src/tools/msvc/Mkvcbuild.pm		diff \| blob \| blame \| history
src/tools/msvc/Solution.pm		diff \| blob \| blame \| history