forked frompostgres/postgres
- Notifications
You must be signed in to change notification settings - Fork6
Commitd7ecba9
committed
pgcrypto: Detect errors with EVP calls from OpenSSL
The following routines are called within pgcrypto when handling digestsbut there were no checks for failures:- EVP_MD_CTX_size (can fail with -1 as of 3.0.0)- EVP_MD_CTX_block_size (can fail with -1 as of 3.0.0)- EVP_DigestInit_ex- EVP_DigestUpdate- EVP_DigestFinal_exA set of elog(ERROR) is added by this commit to detect such failures,that should never happen except in the event of a processing failureinternal to OpenSSL.Note that it would be possible to use ERR_reason_error_string() to getmore context about such errors, but these refer mainly to the internalsof OpenSSL, so it is not really obvious how useful that would be. Thisis left out for simplicity.Per report from Coverity. Thanks to Tom Lane for the discussion.Backpatch-through: 9.51 parent27b57f8 commitd7ecba9
1 file changed
+16
-5
lines changedLines changed: 16 additions & 5 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
115 | 115 | | |
116 | 116 | | |
117 | 117 | | |
| 118 | + | |
118 | 119 | | |
119 | | - | |
| 120 | + | |
| 121 | + | |
| 122 | + | |
| 123 | + | |
120 | 124 | | |
121 | 125 | | |
122 | 126 | | |
123 | 127 | | |
124 | 128 | | |
125 | 129 | | |
| 130 | + | |
| 131 | + | |
| 132 | + | |
| 133 | + | |
126 | 134 | | |
127 | | - | |
| 135 | + | |
128 | 136 | | |
129 | 137 | | |
130 | 138 | | |
131 | 139 | | |
132 | 140 | | |
133 | 141 | | |
134 | 142 | | |
135 | | - | |
| 143 | + | |
| 144 | + | |
136 | 145 | | |
137 | 146 | | |
138 | 147 | | |
139 | 148 | | |
140 | 149 | | |
141 | 150 | | |
142 | 151 | | |
143 | | - | |
| 152 | + | |
| 153 | + | |
144 | 154 | | |
145 | 155 | | |
146 | 156 | | |
147 | 157 | | |
148 | 158 | | |
149 | 159 | | |
150 | 160 | | |
151 | | - | |
| 161 | + | |
| 162 | + | |
152 | 163 | | |
153 | 164 | | |
154 | 165 | | |
| |||
0 commit comments
Comments
(0)