Postgres Pro
Downloads
Home   >   mailing lists

Re: null iv parameter passed to combo_init() - Mailing list pgsql-hackers

From Zhihong Yu
Subject Re: null iv parameter passed to combo_init()
Date
Msg-id CALNJ-vTh9BXARHg3iaCAzr97Fws2W5aR6nRPJfT4u3VdKDzRTQ@mail.gmail.com
Whole thread Raw
In response to Re: null iv parameter passed to combo_init()  (Noah Misch <noah@leadboat.com>)
Responses Re: null iv parameter passed to combo_init()
List pgsql-hackers
Tree view


On Sat, Jan 8, 2022 at 5:52 PM Noah Misch <noah@leadboat.com> wrote:
On Fri, Jan 07, 2022 at 04:32:01PM -0800, Zhihong Yu wrote:
> In contrib/pgcrypto/pgcrypto.c :
>
>     err = px_combo_init(c, (uint8 *) VARDATA_ANY(key), klen, NULL, 0);
>
> Note: NULL is passed as iv.
>
> When combo_init() is called,
>
>         if (ivlen > ivs)
>             memcpy(ivbuf, iv, ivs);
>         else
>             memcpy(ivbuf, iv, ivlen);
>
> It seems we need to consider the case of null being passed as iv for
> memcpy() because of this:
>
> /usr/include/string.h:44:28: note: nonnull attribute specified here

I agree it's time to fix cases like this, given
https://postgr.es/m/flat/20200904023648.GB3426768@rfd.leadboat.com.  However,
it should be one patch fixing all (or at least many) of them.

> --- a/contrib/pgcrypto/px.c
> +++ b/contrib/pgcrypto/px.c
> @@ -198,10 +198,13 @@ combo_init(PX_Combo *cx, const uint8 *key, unsigned klen,
>       if (ivs > 0)
>       {
>               ivbuf = palloc0(ivs);
> -             if (ivlen > ivs)
> -                     memcpy(ivbuf, iv, ivs);
> -             else
> -                     memcpy(ivbuf, iv, ivlen);
> +             if (iv != NULL)
> +             {
> +                     if (ivlen > ivs)
> +                             memcpy(ivbuf, iv, ivs);
> +                     else
> +                             memcpy(ivbuf, iv, ivlen);
> +             }
>       }

If someone were to pass NULL iv with nonzero ivlen, that will silently
Hi,
If iv is NULL, none of the memcpy() would be called (based on my patch).
Can you elaborate your suggestion in more detail ?

Patch v2 is attached, covering more files.

Since the referenced email was old, line numbers have changed.
It would be nice if an up-to-date list is provided in case more places should be changed.

Cheers
 
malfunction.  I'd avoid that risk by writing this way:

--- a/contrib/pgcrypto/px.c
+++ b/contrib/pgcrypto/px.c
@@ -202,3 +202,3 @@ combo_init(PX_Combo *cx, const uint8 *key, unsigned klen,
                        memcpy(ivbuf, iv, ivs);
-               else
+               else if (ivlen > 0)
                        memcpy(ivbuf, iv, ivlen);

That also gives the compiler an additional optimization strategy.

 
Attachment

pgsql-hackers by date:

Previous
From: Noah Misch
Date:
Subject: Re: null iv parameter passed to combo_init()
Next
From: "Euler Taveira"
Date:
Subject: Re: Logging replication state changes