Skip site navigation (1) Skip section navigation (2)

Re: fix for palloc() of user-supplied length

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Neil Conway <neilc(at)samurai(dot)com>
Cc: Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us>,Serguei Mokhov <mokhov(at)cs(dot)concordia(dot)ca>,PostgreSQL Patches <pgsql-patches(at)postgresql(dot)org>
Subject: Re: fix for palloc() of user-supplied length
Date: 2002-08-30 05:24:41
Message-ID: (view raw, whole thread or download thread mbox)
Lists: pgsql-hackerspgsql-patches
Neil Conway <neilc(at)samurai(dot)com> writes:
>         (2) The length supplied by the user is completely ignored by
>             the code, and it simply reads the input until it sees a
>             NULL terminator (read the comments in the code about 10
>             lines down.) Therefore, any sanity checking on the length
>             specified by the user is a waste of time.

Agreed; the fact that the protocol requires a length word at all is just
a hangover from the past.  We can read the length word and forget it.

I wonder though if it'd be worthwhile to limit the length of the string
that we are willing to read from the client in the second step.  We are
at this point dealing with an unauthenticated user, so we should be
untrusting.  And I think Sir Mordred has a point: forcing a backend to
allocate a lot of memory can be a form of DoS attack.

			regards, tom lane

In response to


pgsql-hackers by date

Next:From: Mario WeilguniDate: 2002-08-30 05:59:40
Subject: Re: C vs. C++ contributions
Previous:From: Neil ConwayDate: 2002-08-30 05:10:29
Subject: Re: fix for palloc() of user-supplied length

pgsql-patches by date

Next:From: Manfred KoizarDate: 2002-08-30 11:22:32
Subject: Slightly reduce BufMgrLock contention
Previous:From: Tom LaneDate: 2002-08-30 05:14:17
Subject: Re: revised patch for PL/PgSQL table functions

Privacy Policy | About PostgreSQL
Copyright © 1996-2017 The PostgreSQL Global Development Group