rdelaage
/
postgresql
mirror of https://git.postgresql.org/git/postgresql.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fix combo_decrypt() to throw an error for zero-length input when using a 

padded encryption scheme.  Formerly it would try to access res[(unsigned) -1],
which resulted in core dumps on 64-bit machines, and was certainly trouble
waiting to happen on 32-bit machines (though in at least the known case
it was harmless because that byte would be overwritten after return).
Per report from Ken Colson; fix by Marko Kreen.
This commit is contained in:
Tom Lane 2007-08-23 16:15:51 +00:00
parent 44b5efbae6
commit b918bf86c6
2 changed files with 16 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
contrib/pgcrypto/px.c
View File

@ -26,7 +26,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* $PostgreSQL: pgsql/contrib/pgcrypto/px.c,v 1.15 2005/10/15 02:49:06 momjian Exp $
* $PostgreSQL: pgsql/contrib/pgcrypto/px.c,v 1.16 2007/08/23 16:15:51 tgl Exp $
*/
#include "postgres.h"
@ -58,6 +58,7 @@ static const struct error_desc px_err_list[] = {
{PXE_BAD_SALT_ROUNDS, "Incorrect number of rounds"},
{PXE_MCRYPT_INTERNAL, "mcrypt internal error"},
{PXE_NO_RANDOM, "No strong random source"},
{PXE_DECRYPT_FAILED, "Decryption failed"},
{PXE_PGP_CORRUPT_DATA, "Wrong key or corrupt data"},
{PXE_PGP_CORRUPT_ARMOR, "Corrupt ascii-armor"},
{PXE_PGP_UNSUPPORTED_COMPR, "Unsupported compression algorithm"},
@ -279,6 +280,18 @@ combo_decrypt(PX_Combo * cx, const uint8 *data, unsigned dlen,
PX_Cipher *c = cx->cipher;
/* decide whether zero-length input is allowed */
if (dlen == 0)
{
/* with padding, empty ciphertext is not allowed */
if (cx->padding)
return PXE_DECRYPT_FAILED;
/* without padding, report empty result */
*rlen = 0;
return 0;
}
bs = px_cipher_block_size(c);
if (bs > 1 && (dlen % bs) != 0)
goto block_error;

3
contrib/pgcrypto/px.h
View File

@ -26,7 +26,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* $PostgreSQL: pgsql/contrib/pgcrypto/px.h,v 1.17 2007/04/06 05:36:50 tgl Exp $
* $PostgreSQL: pgsql/contrib/pgcrypto/px.h,v 1.18 2007/08/23 16:15:51 tgl Exp $
*/
#ifndef __PX_H
@ -78,6 +78,7 @@ void px_free(void *p);
#define PXE_BAD_SALT_ROUNDS -15
#define PXE_MCRYPT_INTERNAL -16
#define PXE_NO_RANDOM -17
#define PXE_DECRYPT_FAILED -18
#define PXE_MBUF_SHORT_READ -50