Re: @(#)Mordred Labs advisory 0x0007: Remove DoS in PostgreSQL - Mailing list pgsql-hackers

From Shridhar Daithankar
Subject Re: @(#)Mordred Labs advisory 0x0007: Remove DoS in PostgreSQL
Date
Msg-id 3D6A8EAB.31690.244677E0@localhost
Whole thread Raw
In response to @(#)Mordred Labs advisory 0x0007: Remove DoS in PostgreSQL  (Sir Mordred The Traitor <mordred@s-mail.com>)
List pgsql-hackers
On 26 Aug 2002 at 14:46, Sir Mordred The Traitor wrote:
> [snip]
> static int recv_and_check_password0(Port *port) {
>     int32 len;
>     char *buf;
>  
>     if (pq_getint(&len, 4) == EOF)
>         return STATUS_EOF;
>     len -= 4;
>     buf = palloc(len); /* len is taken from a packet */
> [snip]

So that should read,
buf=palloc((len>LENMAX?SAFELEN:len));

is what you want to say? 

sounds good to me.. But if it is taken from the packet, won't that be tripped 
to MTA size? Just a naïve question. Never saw much of postgres code myself..


ByeShridhar

--
Wilcox's Law:    A pat on the back is only a few centimeters from a kick in the 
pants.



pgsql-hackers by date:

Previous
From: Sir Mordred The Traitor
Date:
Subject: @(#)Mordred Labs advisory 0x0007: Remove DoS in PostgreSQL
Next
From: Tom Lane
Date:
Subject: Re: @(#)Mordred Labs advisory 0x0007: Remove DoS in PostgreSQL