Prevent problem with extra-long password packets from allocating lots of

memory. Neil Conway
2002-08-29 21:50:36 +00:00 · 2002-08-29 21:50:36 +00:00 · f81ce4a0f6
parent 626eca697c
commit f81ce4a0f6
1 changed files with 15 additions and 1 deletions
--- a/src/backend/libpq/auth.c
+++ b/src/backend/libpq/auth.c
@ -8,7 +8,7 @@
 *
 *
 * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/backend/libpq/auth.c,v 1.86 2002/08/29 03:22:01 tgl Exp $
+ *	  $Header: /cvsroot/pgsql/src/backend/libpq/auth.c,v 1.87 2002/08/29 21:50:36 momjian Exp $
 *
 *-------------------------------------------------------------------------
 */
@ -709,6 +709,20 @@ recv_and_check_password_packet(Port *port)
 	if (pq_eof() == EOF || pq_getint(&len, 4) == EOF)
 		return STATUS_EOF;		/* client didn't want to send password */

+	/*
+	 * Since the remote client has not yet been authenticated, we need
+	 * to be careful when using the data they send us. The 8K limit is
+	 * arbitrary, and somewhat bogus: the intent is to ensure we don't
+	 * allocate an enormous chunk of memory.
+	 */
+
+	if (len < 1 || len > 8192)
+	{
+		elog(LOG, "Invalid password packet length: %d; "
+			 "must satisfy 1 <= length <= 8192", len);
+		return STATUS_EOF;
+	}
+
 	initStringInfo(&buf);
 	if (pq_getstr(&buf) == EOF) /* receive password */
 	{