Home > mailing lists

Re: fix for palloc() of user-supplied length - Mailing list pgsql-patches

From	Bruce Momjian
Subject	Re: fix for palloc() of user-supplied length
Date	August 28, 2002 02:01:40
Msg-id	200208280301.g7S31ck03962@candle.pha.pa.us Whole thread Raw
In response to	fix for palloc() of user-supplied length (Neil Conway <neilc@samurai.com>)
Responses	Re: fix for palloc() of user-supplied length (Neil Conway <neilc@samurai.com>)
List	pgsql-patches

Tree view

Neil, is this the one Sir-* complained about?

---------------------------------------------------------------------------

Neil Conway wrote:
> This patch fixes the so-called DoS possibility when processing the
> password packet in recv_and_check_passwordv0(). Nothing fancy, I just
> added a sanity check to ensure that we bail out if the client enters
> an obviously-bogus length.
>
> Cheers,
>
> Neil
>
> --
> Neil Conway <neilc@samurai.com> || PGP Key ID: DB3C29FC

[ Attachment, skipping... ]

>
> ---------------------------(end of broadcast)---------------------------
> TIP 6: Have you searched our list archives?
>
> http://archives.postgresql.org

--
  Bruce Momjian                        |  http://candle.pha.pa.us
  pgman@candle.pha.pa.us               |  (610) 359-1001
  +  If your life is a hard drive,     |  13 Roberts Road
  +  Christ can be your backup.        |  Newtown Square, Pennsylvania 19073

pgsql-patches by date:

From: Bruce Momjian
Date: 28 August 2002, 02:01:09
Subject: Re: fix for palloc() of user-supplied length

From: Neil Conway
Date: 28 August 2002, 02:40:32
Subject: Re: fix for palloc() of user-supplied length

Re: fix for palloc() of user-supplied length - Mailing list pgsql-patches

Previous

Next