Prevent stack overflow in json-related functions.
Sufficiently-deep recursion heretofore elicited a SIGSEGV. If an
application constructs PostgreSQL json or jsonb values from arbitrary
user input, application users could have exploited this to terminate all
active database connections. That applies to 9.3, where the json parser
adopted recursive descent, and later versions. Only row_to_json() and
array_to_json() were at risk in 9.2, both in a non-security capacity.
Back-patch to 9.2, where the json type was introduced.
Oskari Saarenmaa, reviewed by Michael Paquier.
Security: CVE-2015-5289
Branch
------
REL9_5_STABLE
Details
-------
http://git.postgresql.org/pg/commitdiff/98f30d2e55d530ff47b2756b395a2048200a5ea4
Modified Files
--------------
src/backend/utils/adt/json.c | 6 ++++++
src/backend/utils/adt/jsonb.c | 2 ++
src/backend/utils/adt/jsonfuncs.c | 2 ++
src/test/regress/expected/json.out | 9 +++++++++
src/test/regress/expected/json_1.out | 9 +++++++++
src/test/regress/expected/jsonb.out | 9 +++++++++
src/test/regress/expected/jsonb_1.out | 9 +++++++++
src/test/regress/sql/json.sql | 6 ++++++
src/test/regress/sql/jsonb.sql | 6 ++++++
9 files changed, 58 insertions(+)
