forked frompostgres/postgres
- Notifications
You must be signed in to change notification settings - Fork6
Commitcfa4eba
committed
Improve pglz_decompress's defenses against corrupt compressed data.
When processing a match tag, check to see if the claimed "off"is more than the distance back to the output buffer start.If it is, then the data is corrupt, and what's more we wouldfetch from outside the buffer boundaries and potentially incura SIGSEGV. (Although the odds of that seem relatively low, giventhat "off" can't be more than 4K.)Back-patch to v13; before that, this function wasn't reallytrying to protect against bad data.Report and fix by Flavien Guedez.Discussion:https://postgr.es/m/01fc0593-e31e-463d-902c-dd43174acee2@oopacity.net1 parent418d6b4 commitcfa4eba
1 file changed
+8
-4
lines changedLines changed: 8 additions & 4 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
735 | 735 | | |
736 | 736 | | |
737 | 737 | | |
738 | | - | |
739 | | - | |
740 | | - | |
| 738 | + | |
| 739 | + | |
| 740 | + | |
| 741 | + | |
| 742 | + | |
| 743 | + | |
741 | 744 | | |
742 | | - | |
| 745 | + | |
| 746 | + | |
743 | 747 | | |
744 | 748 | | |
745 | 749 | | |
| |||
0 commit comments
Comments
(0)