mirror of
https://git.postgresql.org/git/postgresql.git
synced 2024-09-13 03:58:03 +02:00
d7ecba937b
The following routines are called within pgcrypto when handling digests but there were no checks for failures: - EVP_MD_CTX_size (can fail with -1 as of 3.0.0) - EVP_MD_CTX_block_size (can fail with -1 as of 3.0.0) - EVP_DigestInit_ex - EVP_DigestUpdate - EVP_DigestFinal_ex A set of elog(ERROR) is added by this commit to detect such failures, that should never happen except in the event of a processing failure internal to OpenSSL. Note that it would be possible to use ERR_reason_error_string() to get more context about such errors, but these refer mainly to the internals of OpenSSL, so it is not really obvious how useful that would be. This is left out for simplicity. Per report from Coverity. Thanks to Tom Lane for the discussion. Backpatch-through: 9.5 |
||
|---|---|---|
| .. | ||
| expected | ||
| sql | ||
| .gitignore | ||
| blf.c | ||
| blf.h | ||
| crypt-blowfish.c | ||
| crypt-des.c | ||
| crypt-gensalt.c | ||
| crypt-md5.c | ||
| imath.c | ||
| imath.h | ||
| internal-sha2.c | ||
| internal.c | ||
| Makefile | ||
| mbuf.c | ||
| mbuf.h | ||
| md5.c | ||
| md5.h | ||
| openssl.c | ||
| pgcrypto--1.0--1.1.sql | ||
| pgcrypto--1.1--1.2.sql | ||
| pgcrypto--1.2--1.3.sql | ||
| pgcrypto--1.3.sql | ||
| pgcrypto--unpackaged--1.0.sql | ||
| pgcrypto.c | ||
| pgcrypto.control | ||
| pgcrypto.h | ||
| pgp-armor.c | ||
| pgp-cfb.c | ||
| pgp-compress.c | ||
| pgp-decrypt.c | ||
| pgp-encrypt.c | ||
| pgp-info.c | ||
| pgp-mpi-internal.c | ||
| pgp-mpi-openssl.c | ||
| pgp-mpi.c | ||
| pgp-pgsql.c | ||
| pgp-pubdec.c | ||
| pgp-pubenc.c | ||
| pgp-pubkey.c | ||
| pgp-s2k.c | ||
| pgp.c | ||
| pgp.h | ||
| px-crypt.c | ||
| px-crypt.h | ||
| px-hmac.c | ||
| px.c | ||
| px.h | ||
| rijndael.c | ||
| rijndael.h | ||
| rijndael.tbl | ||
| sha1.c | ||
| sha1.h | ||