Home > mailing lists

pg_cryptohash_final possible out-of-bounds access (per Coverity) - Mailing list pgsql-hackers

From	Ranier Vilela
Subject	pg_cryptohash_final possible out-of-bounds access (per Coverity)
Date	February 10, 2021 04:01:45
Msg-id	CAEudQAoqEGmcff3J4sTSV-R_16Monuz-UpJFbf_dnVH=APr02Q@mail.gmail.com Whole thread Raw
Responses	Re: pg_cryptohash_final possible out-of-bounds access (per Coverity) Re: pg_cryptohash_final possible out-of-bounds access (per Coverity)
List	pgsql-hackers

Hi Hackers,

Per Coverity.

Coverity complaints about pg_cryptohash_final function.

And I agree with Coverity, it's a bad design.

Its allows this:

#define MY_RESULT_LENGTH 32

function pgtest(char * buffer, char * text) {

pg_cryptohash_ctx *ctx;

uint8 digest[MY_RESULT_LENGTH];

ctx = pg_cryptohash_create(PG_SHA512);

pg_cryptohash_init(ctx);

pg_cryptohash_update(ctx, (uint8 *) buffer, text);

pg_cryptohash_final(ctx, digest); // <-- CID 1446240 (#1 of 1): Out-of-bounds access (OVERRUN)

pg_cryptohash_free(ctx);

return

}

Attached has a patch with suggestions to make things better.

regards,

Ranier Vilela

From: Peter Smith
Date: 10 February 2021, 03:51:57
Subject: Re: Single transaction in the tablesync worker?

From: "Euler Taveira"
Date: 10 February 2021, 04:10:32
Subject: Re: Clean up code