Home > mailing lists

Re: Modern SHA2- based password hashes for pgcrypto - Mailing list pgsql-hackers

From	Andres Freund
Subject	Re: Modern SHA2- based password hashes for pgcrypto
Date	April 7 06:02:50
Msg-id	utxwivz6ced6jnvxzgs5a37ss636h7aynfrv3gz5iqw34uioem@66tflrtvovrn Whole thread Raw
In response to	Re: Modern SHA2- based password hashes for pgcrypto (Alvaro Herrera <alvherre@alvh.no-ip.org>)
Responses	Re: Modern SHA2- based password hashes for pgcrypto
List	pgsql-hackers

Tree view

Hi,

On 2025-04-05 19:22:58 +0200, Alvaro Herrera wrote:
> I have pushed this now, hoping it won't explode.

I have a WIP patch that adds gcc specific allocator attributes for palloc et
al. Just rebased that. It warns on the new code as follows:

[1489/1804 42  82%] Compiling C object contrib/pgcrypto/pgcrypto.so.p/crypt-sha.c.o
../../../../../home/andres/src/postgresql/contrib/pgcrypto/crypt-sha.c: In function 'px_crypt_shacrypt':
../../../../../home/andres/src/postgresql/contrib/pgcrypto/crypt-sha.c:605:13: warning: pointer 'cp' may be used after
'pfree'[-Wuse-after-free]
 
  605 |         *cp = '\0';
      |         ~~~~^~~~~~
../../../../../home/andres/src/postgresql/contrib/pgcrypto/crypt-sha.c:533:9: note: call to 'pfree' here
  533 |         pfree(s_bytes);
      |         ^~~~~~~~~~~~~~

And it sure seems to have a point.  I'm surprised this isn't causing wider
issues...

Greetings,

Andres Freund

pgsql-hackers by date:

From: Richard Guo
Date: 07 April, 05:59:12
Subject: Re: Reduce "Var IS [NOT] NULL" quals during constant folding

From: Richard Guo
Date: 07 April, 06:12:24
Subject: Re: Removing unneeded self joins

Re: Modern SHA2- based password hashes for pgcrypto - Mailing list pgsql-hackers

Previous

Next