git.ipfire.org Git - thirdparty/postgresql.git/commit

author	Heikki Linnakangas <heikki.linnakangas@iki.fi>
	Mon, 11 May 2026 12:13:48 +0000 (05:13 -0700)
committer	Noah Misch <noah@leadboat.com>
	Mon, 11 May 2026 12:13:48 +0000 (05:13 -0700)
commit	8e34acfda11595fdf2b1cfa96dc6949c34d34cd7
tree	fbc6b2bfe11b6cd7275be382d174212ac62cf37f	tree \| snapshot
parent	c4d04cc4810303427d2f6fcf914bb856af32cc52	commit \| diff

Add timingsafe_bcmp(), for constant-time memory comparison

timingsafe_bcmp() should be used instead of memcmp() or a naive
for-loop, when comparing passwords or secret tokens, to avoid leaking
information about the secret token by timing. This commit just
introduces the function but does not change any existing code to use
it yet.

This has been initially applied as of 09be39112654 in v18 and newer
versions, and will be used in all the stable branches for an upcoming
fix.

Co-authored-by: Jelte Fennema-Nio <github-tech@jeltef.nl>
Discussion: https://www.postgresql.org/message-id/7b86da3b-9356-4e50-aa1b-56570825e234@iki.fi
Security: CVE-2026-6478
Backpatch-through: 14

configure		diff \| blob \| blame \| history
configure.ac		diff \| blob \| blame \| history
meson.build		diff \| blob \| blame \| history
src/include/pg_config.h.in		diff \| blob \| blame \| history
src/include/port.h		diff \| blob \| blame \| history
src/port/meson.build		diff \| blob \| blame \| history
src/port/timingsafe_bcmp.c	[new file with mode: 0644]	blob