git.ipfire.org Git - thirdparty/postgresql.git/commit

author	Michael Paquier <michael@paquier.xyz>
	Mon, 11 May 2026 12:13:47 +0000 (05:13 -0700)
committer	Noah Misch <noah@leadboat.com>
	Mon, 11 May 2026 12:13:47 +0000 (05:13 -0700)
commit	d93ef413174daae721c6f2cfda3fbd5187f0b4ee
tree	7287ae31ffd0e3dc7787f26a4b1bd3c614afdff8	tree \| snapshot
parent	c5790ec4fd9a6ae9e0bf322a06ee9de2eedf3e11	commit \| diff

Apply timingsafe_bcmp() in authentication paths

This commit applies timingsafe_bcmp() to authentication paths that
handle attributes or data previously compared with memcpy() or strcmp(),
which are sensitive to timing attacks.

The following data is concerned by this change, some being in the
backend and some in the frontend:
- For a SCRAM or MD5 password, the computed key or the MD5 hash compared
with a password during a plain authentication.
- For a SCRAM exchange, the stored key, the client's final nonce and the
server nonce.
- RADIUS (up to v18), the encrypted password.
- For MD5 authentication, the MD5(MD5()) hash.

Reported-by: Joe Conway <mail@joeconway.com>
Security: CVE-2026-6478
Author: Michael Paquier <michael@paquier.xyz>
Reviewed-by: John Naylor <johncnaylorls@gmail.com>
Backpatch-through: 14

src/backend/libpq/auth-scram.c		diff \| blob \| blame \| history
src/backend/libpq/auth.c		diff \| blob \| blame \| history
src/backend/libpq/crypt.c		diff \| blob \| blame \| history
src/interfaces/libpq/fe-auth-scram.c		diff \| blob \| blame \| history