Home > mailing lists

Re: Fix infinite loop from setting scram_iterations to INT_MAX - Mailing list pgsql-hackers

From	Richard Guo
Subject	Re: Fix infinite loop from setting scram_iterations to INT_MAX
Date	March 24 03:50:36
Msg-id	CAMbWs4-=xQ-FjZP7D-Ly88cb4QDBOsrrk_xK2RKufZ7hkS_S0g@mail.gmail.com Whole thread Raw
In response to	Fix infinite loop from setting scram_iterations to INT_MAX (Kevin K Biju <kevinkbiju@gmail.com>)
Responses	Re: Fix infinite loop from setting scram_iterations to INT_MAX
List	pgsql-hackers

Tree view

On Sun, Mar 23, 2025 at 10:41 PM Kevin K Biju <kevinkbiju@gmail.com> wrote:
> int i;
> ...
> for (i = 2; i <= iterations; i++)
> {
>     ...
> }
>
> For iterations = INT_MAX, the loop will never terminate since the condition is <= and adding 1 to INT_MAX will lead
toi wrapping around to INT_MIN. 
>
> I've fixed this by modifying the loop condition to be i < iterations. I've attached a patch with the fix. I
consideredadding a test as well, but since generating a password with a high number of iterations is very
time-consuming,I'm not sure if that would be practical. 

Nice catch.  The fix looks good to me.  It seems to me that it's fine
to go without a test case, since the fix is quite straightforward.

Thanks
Richard

pgsql-hackers by date:

From: Noah Misch
Date: 24 March, 03:29:39
Subject: Re: AIO v2.5

From: Michael Paquier
Date: 24 March, 03:54:50
Subject: Re: Fix infinite loop from setting scram_iterations to INT_MAX

Re: Fix infinite loop from setting scram_iterations to INT_MAX - Mailing list pgsql-hackers

Previous

Next