| From: | Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> |
|---|---|
| To: | Marko Kreen <marko(at)l-t(dot)ee> |
| Cc: | pgsql-patches(at)postgresql(dot)org |
| Subject: | Re: pgcrypto bug |
| Date: | 2001-11-08 15:57:24 |
| Message-ID: | 200111081557.fA8FvOM10866@candle.pha.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-patches |
Bug fix. Patch applied. Thanks.
---------------------------------------------------------------------------
> When given oversized key, encrypt/decrypt corrupted
> memory. This fixes it. Also a free() was missing.
>
> --
> marko
>
> Index: contrib/pgcrypto/px.c
> ===================================================================
> RCS file: /opt/cvs/pgsql/pgsql/contrib/pgcrypto/px.c,v
> retrieving revision 1.3
> diff -u -r1.3 px.c
> --- contrib/pgcrypto/px.c 25 Oct 2001 05:49:20 -0000 1.3
> +++ contrib/pgcrypto/px.c 7 Nov 2001 22:33:44 -0000
> @@ -88,6 +88,8 @@
> memcpy(ivbuf, iv, ivlen);
> }
>
> + if (klen > ks)
> + klen = ks;
> keybuf = px_alloc(ks);
> memset(keybuf, 0, ks);
> memcpy(keybuf, key, klen);
> @@ -96,6 +98,7 @@
>
> if (ivbuf)
> px_free(ivbuf);
> + px_free(keybuf);
>
> return err;
> }
>
> ---------------------------(end of broadcast)---------------------------
> TIP 5: Have you checked our extensive FAQ?
>
> http://www.postgresql.org/users-lounge/docs/faq.html
>
--
Bruce Momjian | http://candle.pha.pa.us
pgman(at)candle(dot)pha(dot)pa(dot)us | (610) 853-3000
+ If your life is a hard drive, | 830 Blythe Avenue
+ Christ can be your backup. | Drexel Hill, Pennsylvania 19026
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Klaus Naumann | 2001-11-08 16:37:00 | Patch for Makefile race against current cvs |
| Previous Message | Greg Sabino Mullane | 2001-11-08 15:08:24 | Enhanced index details using \d in psql |