Commitf81ce4a

committed

Prevent problem with extra-long password packets from allocating lots of

memory.Neil Conway

1 parent626eca6 commitf81ce4aCopy full SHA for f81ce4a

File tree

+15

-1

lines changed

+15

-1

lines changed

Lines changed: 15 additions & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -8,7 +8,7 @@`
`8`	`8`	`*`
`9`	`9`	`*`
`10`	`10`	`* IDENTIFICATION`
`11`		`- * $Header: /cvsroot/pgsql/src/backend/libpq/auth.c,v 1.86 2002/08/2903:22:01 tgl Exp $`
	`11`	`+ * $Header: /cvsroot/pgsql/src/backend/libpq/auth.c,v 1.87 2002/08/2921:50:36 momjian Exp $`
`12`	`12`	`*`
`13`	`13`	`*-------------------------------------------------------------------------`
`14`	`14`	`*/`
`@@ -709,6 +709,20 @@ recv_and_check_password_packet(Port *port)`
`709`	`709`	`if (pq_eof()==EOF\|\|pq_getint(&len,4)==EOF)`
`710`	`710`	`returnSTATUS_EOF;/* client didn't want to send password */`
`711`	`711`
	`712`	`+/*`
	`713`	`+ * Since the remote client has not yet been authenticated, we need`
	`714`	`+ * to be careful when using the data they send us. The 8K limit is`
	`715`	`+ * arbitrary, and somewhat bogus: the intent is to ensure we don't`
	`716`	`+ * allocate an enormous chunk of memory.`
	`717`	`+ */`
	`718`	`+`
	`719`	`+if (len<1\|\|len>8192)`
	`720`	`+{`
	`721`	`+elog(LOG,"Invalid password packet length: %d; "`
	`722`	`+"must satisfy 1 <= length <= 8192",len);`
	`723`	`+returnSTATUS_EOF;`
	`724`	`+}`
	`725`	`+`
`712`	`726`	`initStringInfo(&buf);`
`713`	`727`	`if (pq_getstr(&buf)==EOF)/* receive password */`
`714`	`728`	`{`

Comments

(0)