| From: | Daniel Gustafsson <daniel(at)yesql(dot)se> |
|---|---|
| To: | Mikhail Gribkov <youzhick(at)gmail(dot)com> |
| Cc: | PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Wrong buffer limits check |
| Date: | 2024-01-29 14:09:57 |
| Message-ID: | 88CBEB8D-E640-49DF-88E2-9E1523B899A7@yesql.se |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
> On 29 Jan 2024, at 14:37, Mikhail Gribkov <youzhick(at)gmail(dot)com> wrote:
> I have tried to analyse Postgres code with Svace static analyzer [1] and found something I think is a real bug.
>
> In pgp-decrypt.c, in prefix_init function the following check:
> if (len > sizeof(tmpbuf))
>
> seem to be erroneous and should really look this way:
> if (len > PGP_MAX_BLOCK)
Studying the code I think you're right, we should be ensuring that the cipher
block size isn't exceeding PGP_MAX_BLOCK. In practice it seems night
impossible to hit given the ciphers in cipher_list, but we should still fix it.
Unsurprisingly this seems to have been there forever (since July 2005) so needs
to be backpatched to all supported branches for the sake of consistency
--
Daniel Gustafsson
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Ronan Dunklau | 2024-01-29 14:15:25 | Re: scalability bottlenecks with (many) partitions (and more) |
| Previous Message | David Steele | 2024-01-29 14:03:19 | Re: Use of backup_label not noted in log |