rdelaage/postgresql
1
0
Fork 0
mirror of https://git.postgresql.org/git/postgresql.git synced 2024-08-11 06:33:23 +02:00
Code Issues Packages Projects Releases Wiki Activity
9e108984fb
postgresql/contrib/pgcrypto/expected/pgp-compression.out
Michael Paquier 9e108984fb Fix corner case with PGP decompression in pgcrypto 
A compressed stream may end with an empty packet, and PGP decompression
finished before reading this empty packet in the remaining stream.  This
caused a failure in pgcrypto, handling this case as corrupted data.
This commit makes sure to consume such extra data, avoiding a failure
when decompression the entire stream.  This corner case was reproducible
with a data length of 16kB, and existed since its introduction in
e94dd6a.  A cheap regression test is added to cover this case.

Thanks to Jeff Janes for the extra investigation.

Reported-by: Frank Gagnepain
Author: Kyotaro Horiguchi, Michael Paquier
Discussion: https://postgr.es/m/16476-692ef7b84e5fb893@postgresql.org
Backpatch-through: 9.5
2020-07-22 14:52:23 +09:00

81 lines
2.1 KiB
Plaintext
Raw Blame History

--
-- PGP compression support
--
select pgp_sym_decrypt(dearmor('
-----BEGIN PGP MESSAGE-----
ww0ECQMCsci6AdHnELlh0kQB4jFcVwHMJg0Bulop7m3Mi36s15TAhBo0AnzIrRFrdLVCkKohsS6+
DMcmR53SXfLoDJOv/M8uKj3QSq7oWNIp95pxfA==
=tbSn
-----END PGP MESSAGE-----
'), 'key', 'expect-compress-algo=1');
pgp_sym_decrypt
-----------------
Secret message
(1 row)
select pgp_sym_decrypt(
pgp_sym_encrypt('Secret message', 'key', 'compress-algo=0'),
'key', 'expect-compress-algo=0');
pgp_sym_decrypt
-----------------
Secret message
(1 row)
select pgp_sym_decrypt(
pgp_sym_encrypt('Secret message', 'key', 'compress-algo=1'),
'key', 'expect-compress-algo=1');
pgp_sym_decrypt
-----------------
Secret message
(1 row)
select pgp_sym_decrypt(
pgp_sym_encrypt('Secret message', 'key', 'compress-algo=2'),
'key', 'expect-compress-algo=2');
pgp_sym_decrypt
-----------------
Secret message
(1 row)
-- level=0 should turn compression off
select pgp_sym_decrypt(
pgp_sym_encrypt('Secret message', 'key',
'compress-algo=2, compress-level=0'),
'key', 'expect-compress-algo=0');
pgp_sym_decrypt
-----------------
Secret message
(1 row)
-- check corner case involving an input string of 16kB, as per bug #16476.
SELECT setseed(0);
setseed
---------
(1 row)
WITH random_string AS
(
-- This generates a random string of 16366 bytes. This is chosen
-- as random so that it does not get compressed, and the decompression
-- would work on a string with the same length as the origin, making the
-- test behavior more predictible. lpad() ensures that the generated
-- hexadecimal value is completed by extra zero characters if random()
-- has generated a value strictly lower than 16.
SELECT string_agg(decode(lpad(to_hex((random()*256)::int), 2, '0'), 'hex'), '') as bytes
FROM generate_series(0, 16365)
)
SELECT bytes =
pgp_sym_decrypt_bytea(
pgp_sym_encrypt_bytea(bytes, 'key',
'compress-algo=1,compress-level=1'),
'key', 'expect-compress-algo=1')
AS is_same
FROM random_string;
is_same
---------
t
(1 row)
Reference in New Issue View Git Blame Copy Permalink