Re: Fix error handling in be_tls_open_server()

Поиск
Список
Период
Сортировка
От Sergey Shinderuk
Тема Re: Fix error handling in be_tls_open_server()
Дата
Msg-id 1e4638b3-1456-6c03-45c2-8848c06fc993@postgrespro.ru
обсуждение исходный текст
Ответ на Re: Fix error handling in be_tls_open_server()  (Daniel Gustafsson <daniel@yesql.se>)
Ответы Re: Fix error handling in be_tls_open_server()  (Daniel Gustafsson <daniel@yesql.se>)
Список pgsql-hackers
Дерево обсуждения 
On 23.08.2023 16:23, Daniel Gustafsson wrote:
>> On 1 Aug 2023, at 16:44, Sergey Shinderuk <s.shinderuk@postgrespro.ru> wrote:
> 
>> A static analyzer reported a possible pfree(NULL) in be_tls_open_server().
> 
> This has the smell of a theoretical problem, I can't really imagine a
> certificate where which would produce this.  Have you been able to trigger it?


I triggered a crash by generating a certificate without a CN and forcing 
malloc to return NULL when called from X509_NAME_print_ex or 
BIO_get_mem_ptr with gdb.

Initially I tried to trigger a crash by generating a certificate without 
a CN and with a DN contaning the null byte. But as I said, the error 
condition "SSL certificate's distinguished name contains embedded null" 
isn't really reachable, because XN_FLAG_RFC2253 escapes null bytes.


-- 
Sergey Shinderuk        https://postgrespro.com/

В списке pgsql-hackers по дате отправления:

Предыдущее
От: Alvaro Herrera
Дата:
Сообщение: Re: subscription/015_stream sometimes breaks
Следующее
От: Kyotaro Horiguchi
Дата:
Сообщение: Re: Should the archiver process always make sure that the timeline history files exist in the archive?