Home > mailing lists

Re: Non-compliant SASLprep implementation for ASCII characters - Mailing list pgsql-hackers

From	Alexander Lakhin
Subject	Re: Non-compliant SASLprep implementation for ASCII characters
Date	April 12 16:00:00
Msg-id	7fb11a74-69c6-4f73-b505-0fac9783cc4c@gmail.com Whole thread Raw
In response to	Re: Non-compliant SASLprep implementation for ASCII characters (Michael Paquier <michael@paquier.xyz>)
Responses	Re: Non-compliant SASLprep implementation for ASCII characters
List	pgsql-hackers

Tree view

12.04.2026 14:47, Michael Paquier wrote:

On Sun, Apr 12, 2026 at 09:00:00AM +0300, Alexander Lakhin wrote:

That is, strlcpy() tries to evaluate strlen() for src, which contains only
one byte without null terminator.

Thanks for the report.  I don't know why skink is not complaining, but
I do see the failure, and I am able to fix it with the attached.  Does
it work on your side?

Yes, it works. Thank you for paying attention to the issue!

Maybe it would make sense to find out why skink doesn't detect this (just
in case there are or will be similar defects hiding) before pushing the
fix...

Best regards,
Alexander

pgsql-hackers by date:

From: David Rowley
Date: 12 April, 15:33:04
Subject: Re: Small and unlikely overflow hazard in bms_next_member()

From: David Rowley
Date: 12 April, 16:17:02
Subject: Re: Small and unlikely overflow hazard in bms_next_member()

Re: Non-compliant SASLprep implementation for ASCII characters - Mailing list pgsql-hackers

Previous

Next