NotificationsYou must be signed in to change notification settings
Fork6
Star31

Commitb918bf8

committed

Fix combo_decrypt() to throw an error for zero-length input when using a

padded encryption scheme. Formerly it would try to access res[(unsigned) -1],which resulted in core dumps on 64-bit machines, and was certainly troublewaiting to happen on 32-bit machines (though in at least the known caseit was harmless because that byte would be overwritten after return).Per report from Ken Colson; fix by Marko Kreen.

1 parent44b5efb commitb918bf8Copy full SHA for b918bf8

File tree

2 files changed

+16

-2

lines changed

contrib/pgcrypto
- px.c
- px.h

2 files changed

+16

-2

lines changed

`‎contrib/pgcrypto/px.c`

Lines changed: 14 additions & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -26,7 +26,7 @@`
`26`	`26`	`* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF`
`27`	`27`	`* SUCH DAMAGE.`
`28`	`28`	`*`
`29`		`- * $PostgreSQL: pgsql/contrib/pgcrypto/px.c,v 1.15 2005/10/15 02:49:06 momjian Exp $`
	`29`	`+ * $PostgreSQL: pgsql/contrib/pgcrypto/px.c,v 1.16 2007/08/23 16:15:51 tgl Exp $`
`30`	`30`	`*/`
`31`	`31`
`32`	`32`	`#include"postgres.h"`
`@@ -58,6 +58,7 @@ static const struct error_desc px_err_list[] = {`
`58`	`58`	`{PXE_BAD_SALT_ROUNDS,"Incorrect number of rounds"},`
`59`	`59`	`{PXE_MCRYPT_INTERNAL,"mcrypt internal error"},`
`60`	`60`	`{PXE_NO_RANDOM,"No strong random source"},`
	`61`	`+{PXE_DECRYPT_FAILED,"Decryption failed"},`
`61`	`62`	`{PXE_PGP_CORRUPT_DATA,"Wrong key or corrupt data"},`
`62`	`63`	`{PXE_PGP_CORRUPT_ARMOR,"Corrupt ascii-armor"},`
`63`	`64`	`{PXE_PGP_UNSUPPORTED_COMPR,"Unsupported compression algorithm"},`
`@@ -279,6 +280,18 @@ combo_decrypt(PX_Combo * cx, const uint8 *data, unsigned dlen,`
`279`	`280`
`280`	`281`	`PX_Cipher*c=cx->cipher;`
`281`	`282`
	`283`	`+/* decide whether zero-length input is allowed */`
	`284`	`+if (dlen==0)`
	`285`	`+{`
	`286`	`+/* with padding, empty ciphertext is not allowed */`
	`287`	`+if (cx->padding)`
	`288`	`+returnPXE_DECRYPT_FAILED;`
	`289`	`+`
	`290`	`+/* without padding, report empty result */`
	`291`	`+*rlen=0;`
	`292`	`+return0;`
	`293`	`+}`
	`294`	`+`
`282`	`295`	`bs=px_cipher_block_size(c);`
`283`	`296`	`if (bs>1&& (dlen %bs)!=0)`
`284`	`297`	`gotoblock_error;`

`‎contrib/pgcrypto/px.h`

Lines changed: 2 additions & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -26,7 +26,7 @@`
`26`	`26`	`* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF`
`27`	`27`	`* SUCH DAMAGE.`
`28`	`28`	`*`
`29`		`- * $PostgreSQL: pgsql/contrib/pgcrypto/px.h,v 1.17 2007/04/06 05:36:50 tgl Exp $`
	`29`	`+ * $PostgreSQL: pgsql/contrib/pgcrypto/px.h,v 1.18 2007/08/23 16:15:51 tgl Exp $`
`30`	`30`	`*/`
`31`	`31`
`32`	`32`	`#ifndef__PX_H`
`@@ -78,6 +78,7 @@ voidpx_free(void *p);`
`78`	`78`	`#definePXE_BAD_SALT_ROUNDS-15`
`79`	`79`	`#definePXE_MCRYPT_INTERNAL-16`
`80`	`80`	`#definePXE_NO_RANDOM-17`
	`81`	`+#definePXE_DECRYPT_FAILED-18`
`81`	`82`
`82`	`83`	`#definePXE_MBUF_SHORT_READ-50`
`83`	`84`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commitb918bf8

File tree

2 files changed

2 files changed

`‎contrib/pgcrypto/px.c`

`‎contrib/pgcrypto/px.h`

0 commit comments