Home > mailing lists

Re: glibc qsort() vulnerability - Mailing list pgsql-hackers

From	Mats Kindahl
Subject	Re: glibc qsort() vulnerability
Date	February 7 12:01:58
Msg-id	CA+14425sXfyiroL07eDfc-YtbmQebZTjePE2XiCqbjCbN7RUeg@mail.gmail.com Whole thread Raw
In response to	Re: glibc qsort() vulnerability (Tom Lane <tgl@sss.pgh.pa.us>)
List	pgsql-hackers

Tree view

On Tue, Feb 6, 2024 at 4:11 PM Tom Lane <tgl@sss.pgh.pa.us> wrote:

Mats Kindahl <mats@timescale.com> writes:
> There is a bug in glibc's qsort() algorithm that runs the risk of creating
> an out-of-bounds error if the comparison function is not transitive, for
> example, if subtraction is used so that it can create an overflow.

We don't use glibc's qsort. Have you checked whether there's a
problem with the code we do use?

Interesting. No, haven't checked. Will do that.

Best wishes,

Mats Kindahl

regards, tom lane

pgsql-hackers by date:

From: "Joel Jacobson"
Date: 07 February, 11:56:58
Subject: Re: Possibility to disable `ALTER SYSTEM`

From: Mats Kindahl
Date: 07 February, 12:09:58
Subject: Re: glibc qsort() vulnerability

Re: glibc qsort() vulnerability - Mailing list pgsql-hackers

Previous

Next