| From: | Daniel Gustafsson <daniel(at)yesql(dot)se> |
|---|---|
| To: | PostgreSQL Hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org> |
| Subject: | Potential use of uninitialized context in pgcrypto |
| Date: | 2020-10-16 12:43:42 |
| Message-ID: | AA8D6FE9-4AB2-41B4-98CB-AE64BA668C03@yesql.se |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
In px_crypt_md5() we have this section, with the second assignment to err being
unchecked:
/* */
err = px_find_digest("md5", &ctx);
if (err)
return NULL;
err = px_find_digest("md5", &ctx1);
Even though we know that the digest algorithm exists when we reach the second
call, we must check the returnvalue from each call to px_find_digest to handle
allocation errors. Depending on which lib is backing pgcrypto, px_find_digest
may perform resource allocation which can fail on the subsequent call. It does
fall in the not-terrible-likely-to-happen category but there is a non-zero risk
which would lead to using a broken context. The attached checks the err
returnvalue and exits in case it indicates an error.
cheers ./daniel
| Attachment | Content-Type | Size |
|---|---|---|
| pgcrypto_digest_error.patch | application/octet-stream | 1.5 KB |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Amit Langote | 2020-10-16 13:12:33 | Re: partition routing layering in nodeModifyTable.c |
| Previous Message | Kyotaro Horiguchi | 2020-10-16 12:33:50 | Re: Feature improvement for pg_stat_statements |