On 8/23/07, Tom Lane <tgl@sss.pgh.pa.us> wrote:
> "Ken Colson" <ken.colson@sage.com> writes:
> > this statement:
> > select decrypt(''::bytea,'password','bf')
> > causes the postgresql backend to crash:
> > This seems to be a 64bit problem.
>
> Reproduced here in HEAD. The problem is here:
> 293 pad = res[*rlen - 1];
> The problem clearly is that combo_decrypt()'s depadding code fails to
> consider the possibility of a zero-length input, but I'm not entirely
> sure how far up the food chain we ought to fix it --- perhaps
> pg_decrypt() should not have bothered to light up the decryptor at all?
The fix should be in combo_decrypt() because other code
should not need to guess whether zero-length input is
allowed or not.
Patch attached.
> Also, what other pgcrypto routines might have similar bugs?
Well, PGP code accesses anything thru wrappers, so should be OK.
Rest of the code does not try to parse user data, just passes
it thru.
Except armor()/dearmor(), which does lot of pointer-juggling.
I can do a review of that, just in case.
--
marko
