Re: glibc qsort() vulnerability - Mailing list pgsql-hackers

From Mats Kindahl
Subject Re: glibc qsort() vulnerability
Date
Msg-id CA+14425sXfyiroL07eDfc-YtbmQebZTjePE2XiCqbjCbN7RUeg@mail.gmail.com
Whole thread Raw
In response to Re: glibc qsort() vulnerability  (Tom Lane <tgl@sss.pgh.pa.us>)
List pgsql-hackers
On Tue, Feb 6, 2024 at 4:11 PM Tom Lane <tgl@sss.pgh.pa.us> wrote:
Mats Kindahl <mats@timescale.com> writes:
> There is a bug in glibc's qsort() algorithm that runs the risk of creating
> an out-of-bounds error if the comparison function is not transitive, for
> example, if subtraction is used so that it can create an overflow.

We don't use glibc's qsort.  Have you checked whether there's a
problem with the code we do use?

Interesting. No, haven't checked. Will do that.

Best wishes,
Mats Kindahl 

                        regards, tom lane

pgsql-hackers by date:

Previous
From: "Joel Jacobson"
Date:
Subject: Re: Possibility to disable `ALTER SYSTEM`
Next
From: Mats Kindahl
Date:
Subject: Re: glibc qsort() vulnerability