Re: Found a buffer-overflow defect in asynchronous database connection API PQconnectPoll

From: Sudheer H R <sudheer(dot)hr(at)tekenlight(dot)com>
To: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Cc: pgsql-bugs(at)lists(dot)postgresql(dot)org
Subject: Re: Found a buffer-overflow defect in asynchronous database connection API PQconnectPoll
Date: 2021-06-24 01:53:37
Message-ID: 54573F29-636F-4889-9673-7DE8C6645629@tekenlight.com
Lists: pgsql-bugs

Thanks a lot

> On 23-Jun-2021, at 11:33 PM, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
>
> I wrote:
>> Hmph. I can't reproduce this on RHEL8: so far as I can tell, the string
>> is physically null-terminated, and clang's address sanitizer doesn't
>> complain either. Still, given the vagueness of the spec for
>> gss_display_status, it seems wise to not assume that every GSS
>> implementation acts the same.
>
> I've committed fixes to make our code rely on the returned length
> field instead. Hopefully that won't expose any new bugs in other
> GSS implementations :-(
>
> regards, tom lane
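
The approach described in the quoted reply, relying on the returned length instead of a terminator, as an added example (not the committed PostgreSQL change and not libpq code). The `status_buf` type is a stand-in with the same two fields as GSS-API's `gss_buffer_desc`, and `append_status` and the sample bytes are constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Stand-in with the same two fields as GSS-API's gss_buffer_desc, so the
 * example builds without GSS headers (assumption for this example). */
typedef struct {
    size_t length;   /* number of valid bytes in value */
    void  *value;    /* not guaranteed to be NUL-terminated */
} status_buf;

/* Append the status text to the NUL-terminated message in dst (capacity
 * cap), trusting only buf->length. Returns the number of bytes appended. */
size_t append_status(char *dst, size_t cap, const status_buf *buf)
{
    const char *end = memchr(dst, '\0', cap);
    size_t used, room, n;

    if (end == NULL)                 /* dst itself is not terminated */
        return 0;
    if (buf == NULL || buf->value == NULL)
        return 0;
    used = (size_t) (end - dst);
    room = cap - used - 1;           /* keep one byte for the terminator */
    n = buf->length < room ? buf->length : room;
    memcpy(dst + used, buf->value, n);   /* never reads past buf->length */
    dst[used + n] = '\0';
    return n;
}

/* Constructed sample: 7 valid bytes followed by unrelated bytes and no
 * terminator, the case a strlen()-style read would run past. */
static char raw[] = {'N','o',' ','c','r','e','d','X','X','X'};

int main(void)
{
    status_buf st = { 7, raw };
    char msg[32] = "GSSAPI: ";
    size_t n = append_status(msg, sizeof msg, &st);

    printf("%zu bytes appended: \"%s\"\n", n, msg);
    return 0;
}
```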
