| From: | John Cochran <j69cochran(at)gmail(dot)com> |
|---|---|
| To: | pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: A worst case for qsort |
| Date: | 2014-08-06 16:18:52 |
| Message-ID: | CAGQU3n7ZPPLN9C2pcXrp9UoOOFMm-Y4g0jFAVufCHEX8-L3-Zg@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
I just browsed the paper linked by Peter and it looks like the attack has
to be active against a currently executing qsort. In the paper, what
happens is the comparison function is supplied by the attacker and
effectively lies about the result of a comparison. It keeps the lies
consistent in a very specific manner so that eventually qsort returns its
input in a properly sorted fashion.
So it seems to me that the vulnerability only exits if an attacker supplied
comparison function is permitted. For all other cases, assuming that only
vetted comparison functions are permitted, the selection of a random pivot
would make an attack on qsort using specially tailored input data
improbable.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Stephen Frost | 2014-08-06 16:24:13 | Re: Questions on dynamic execution and sqlca |
| Previous Message | Bill Epstein | 2014-08-06 16:17:46 | Questions on dynamic execution and sqlca |