Re: pgcrypto bug
| От | Bruce Momjian |
|---|---|
| Тема | Re: pgcrypto bug |
| Дата | |
| Msg-id | 200111081557.fA8FvOM10866@candle.pha.pa.us обсуждение исходный текст |
| Ответ на | pgcrypto bug (Marko Kreen <marko@l-t.ee>) |
| Ответы |
Patch for Makefile race against current cvs
|
| Список | pgsql-patches |
Bug fix. Patch applied. Thanks. --------------------------------------------------------------------------- > When given oversized key, encrypt/decrypt corrupted > memory. This fixes it. Also a free() was missing. > > -- > marko > > Index: contrib/pgcrypto/px.c > =================================================================== > RCS file: /opt/cvs/pgsql/pgsql/contrib/pgcrypto/px.c,v > retrieving revision 1.3 > diff -u -r1.3 px.c > --- contrib/pgcrypto/px.c 25 Oct 2001 05:49:20 -0000 1.3 > +++ contrib/pgcrypto/px.c 7 Nov 2001 22:33:44 -0000 > @@ -88,6 +88,8 @@ > memcpy(ivbuf, iv, ivlen); > } > > + if (klen > ks) > + klen = ks; > keybuf = px_alloc(ks); > memset(keybuf, 0, ks); > memcpy(keybuf, key, klen); > @@ -96,6 +98,7 @@ > > if (ivbuf) > px_free(ivbuf); > + px_free(keybuf); > > return err; > } > > ---------------------------(end of broadcast)--------------------------- > TIP 5: Have you checked our extensive FAQ? > > http://www.postgresql.org/users-lounge/docs/faq.html > -- Bruce Momjian | http://candle.pha.pa.us pgman@candle.pha.pa.us | (610) 853-3000 + If your life is a hard drive, | 830 Blythe Avenue + Christ can be your backup. | Drexel Hill, Pennsylvania 19026
В списке pgsql-patches по дате отправления: