Re: pgcrypto bug - Mailing list pgsql-patches

From Bruce Momjian
Subject Re: pgcrypto bug
Date
Msg-id 200111081557.fA8FvOM10866@candle.pha.pa.us
In response to pgcrypto bug  (Marko Kreen <marko@l-t.ee>)
Responses Patch for Makefile race against current cvs
List pgsql-patches
Bug fix.  Patch applied.  Thanks.

---------------------------------------------------------------------------


> When given oversized key, encrypt/decrypt corrupted
> memory.  This fixes it.  Also a free() was missing.
>
> --
> marko
>
> Index: contrib/pgcrypto/px.c
> ===================================================================
> RCS file: /opt/cvs/pgsql/pgsql/contrib/pgcrypto/px.c,v
> retrieving revision 1.3
> diff -u -r1.3 px.c
> --- contrib/pgcrypto/px.c    25 Oct 2001 05:49:20 -0000    1.3
> +++ contrib/pgcrypto/px.c    7 Nov 2001 22:33:44 -0000
> @@ -88,6 +88,8 @@
>              memcpy(ivbuf, iv, ivlen);
>      }
>
> +    if (klen > ks)
> +        klen = ks;
>      keybuf = px_alloc(ks);
>      memset(keybuf, 0, ks);
>      memcpy(keybuf, key, klen);
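Review bot: The clamp "if (klen > ks) klen = ks;" silently truncates an oversized key instead of rejecting it, so any two keys that agree in their first ks bytes end up as the same keybuf and the caller is never told that part of the key was ignored. Consider returning an error when klen > ks, or at minimum add a comment at the clamp stating that longer keys are truncated to ks bytes so the behaviour is a documented choice rather than a side effect of the overflow fix.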
> @@ -96,6 +98,7 @@
>
>      if (ivbuf)
>          px_free(ivbuf);
> +    px_free(keybuf);
>
>      return err;
>  }
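Review bot: The added "px_free(keybuf);" releases the buffer while it still holds the key bytes copied in by memcpy(keybuf, key, klen) in the previous hunk. Clear it before freeing, for example "memset(keybuf, 0, ks);" on the line above the px_free call, so key material does not stay behind in freed memory.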
>

--
  Bruce Momjian                        |  http://candle.pha.pa.us
  pgman@candle.pha.pa.us               |  (610) 853-3000
  +  If your life is a hard drive,     |  830 Blythe Avenue
  +  Christ can be your backup.        |  Drexel Hill, Pennsylvania 19026
