- Notifications
You must be signed in to change notification settings - Fork28
Commitdfd8bf2
committed
pgcrypto: Detect errors with EVP calls from OpenSSL
The following routines are called within pgcrypto when handling digestsbut there were no checks for failures:- EVP_MD_CTX_size (can fail with -1 as of 3.0.0)- EVP_MD_CTX_block_size (can fail with -1 as of 3.0.0)- EVP_DigestInit_ex- EVP_DigestUpdate- EVP_DigestFinal_exA set of elog(ERROR) is added by this commit to detect such failures,that should never happen except in the event of a processing failureinternal to OpenSSL.Note that it would be possible to use ERR_reason_error_string() to getmore context about such errors, but these refer mainly to the internalsof OpenSSL, so it is not really obvious how useful that would be. Thisis left out for simplicity.Per report from Coverity. Thanks to Tom Lane for the discussion.Backpatch-through: 9.51 parent01c6370 commitdfd8bf2
1 file changed
+16
-5
lines changedLines changed: 16 additions & 5 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
114 | 114 | | |
115 | 115 | | |
116 | 116 | | |
| 117 | + | |
117 | 118 | | |
118 | | - | |
| 119 | + | |
| 120 | + | |
| 121 | + | |
| 122 | + | |
119 | 123 | | |
120 | 124 | | |
121 | 125 | | |
122 | 126 | | |
123 | 127 | | |
124 | 128 | | |
| 129 | + | |
| 130 | + | |
| 131 | + | |
| 132 | + | |
125 | 133 | | |
126 | | - | |
| 134 | + | |
127 | 135 | | |
128 | 136 | | |
129 | 137 | | |
130 | 138 | | |
131 | 139 | | |
132 | 140 | | |
133 | 141 | | |
134 | | - | |
| 142 | + | |
| 143 | + | |
135 | 144 | | |
136 | 145 | | |
137 | 146 | | |
138 | 147 | | |
139 | 148 | | |
140 | 149 | | |
141 | 150 | | |
142 | | - | |
| 151 | + | |
| 152 | + | |
143 | 153 | | |
144 | 154 | | |
145 | 155 | | |
146 | 156 | | |
147 | 157 | | |
148 | 158 | | |
149 | 159 | | |
150 | | - | |
| 160 | + | |
| 161 | + | |
151 | 162 | | |
152 | 163 | | |
153 | 164 | | |
| |||
0 commit comments
Comments
(0)