rdelaage
/
postgresql
mirror of https://git.postgresql.org/git/postgresql.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
postgresql/src/common
History
Tom Lane 985ac5ce29 Improve pglz_decompress's defenses against corrupt compressed data. 
When processing a match tag, check to see if the claimed "off"
is more than the distance back to the output buffer start.
If it is, then the data is corrupt, and what's more we would
fetch from outside the buffer boundaries and potentially incur
a SIGSEGV.  (Although the odds of that seem relatively low, given
that "off" can't be more than 4K.)

Back-patch to v13; before that, this function wasn't really
trying to protect against bad data.

Report and fix by Flavien Guedez.

Discussion: https://postgr.es/m/01fc0593-e31e-463d-902c-dd43174acee2@oopacity.net
 		2023-10-18 20:43:17 -04:00
..
unicode Make update-unicode target work in vpath builds 2022-03-25 09:47:50 +01:00
.gitignore Replace the data structure used for keyword lookup. 2019-01-06 17:02:57 -05:00
Makefile Rename backup_compression.{c,h} to compression.{c,h} 2022-04-12 13:38:54 +09:00
archive.c Update copyright for 2022 2022-01-07 19:04:57 -05:00
base64.c Update copyright for 2022 2022-01-07 19:04:57 -05:00
checksum_helper.c Update copyright for 2022 2022-01-07 19:04:57 -05:00
compression.c Message style improvements 2022-09-24 18:38:35 -04:00
config_info.c Update copyright for 2022 2022-01-07 19:04:57 -05:00
controldata_utils.c Try to handle torn reads of pg_control in frontend. 2023-10-16 17:23:02 +13:00
cryptohash.c Fix comment related to pg_cryptohash_error() 2022-01-12 12:39:36 +09:00
cryptohash_openssl.c Pre-beta mechanical code beautification. 2022-05-12 15:17:30 -04:00
d2s.c Update copyright for 2022 2022-01-07 19:04:57 -05:00
d2s_full_table.h Update copyright for 2022 2022-01-07 19:04:57 -05:00
d2s_intrinsics.h Update copyright for 2022 2022-01-07 19:04:57 -05:00
digit_table.h Change floating-point output format for improved performance. 2019-02-13 15:20:33 +00:00
encnames.c Update copyright for 2022 2022-01-07 19:04:57 -05:00
exec.c Pre-beta mechanical code beautification. 2022-05-12 15:17:30 -04:00
f2s.c Update copyright for 2022 2022-01-07 19:04:57 -05:00
fe_memutils.c Update copyright for 2022 2022-01-07 19:04:57 -05:00
file_perm.c Update copyright for 2022 2022-01-07 19:04:57 -05:00
file_utils.c Fix get_dirent_type() for symlinks on MinGW/MSYS. 2022-07-28 14:27:28 +12:00
hashfn.c Use bitwise rotate functions in more places 2022-02-20 13:22:08 +07:00
hmac.c Improve error handling of HMAC computations 2022-01-13 16:17:21 +09:00
hmac_openssl.c Clear the OpenSSL error queue before cryptohash operations 2022-05-06 14:41:31 +02:00
ip.c Suppress integer-overflow compiler warning for inconsistent sun_len. 2022-02-14 11:25:46 -05:00
jsonapi.c Fix JSON error reporting for many cases of erroneous string values. 2023-03-13 15:19:00 -04:00
keywords.c Update copyright for 2022 2022-01-07 19:04:57 -05:00
kwlookup.c Update copyright for 2022 2022-01-07 19:04:57 -05:00
link-canary.c Update copyright for 2022 2022-01-07 19:04:57 -05:00
logging.c logging: Also add the command prefix to detail and hint messages 2022-05-30 07:26:06 +02:00
md5.c Update copyright for 2022 2022-01-07 19:04:57 -05:00
md5_common.c Add missing error handling in pg_md5_hash(). 2022-04-18 20:04:55 -04:00
md5_int.h Update copyright for 2022 2022-01-07 19:04:57 -05:00
pg_get_line.c Update copyright for 2022 2022-01-07 19:04:57 -05:00
pg_lzcompress.c Improve pglz_decompress's defenses against corrupt compressed data. 2023-10-18 20:43:17 -04:00
pg_prng.c Update copyright for 2022 2022-01-07 19:04:57 -05:00
pgfnames.c Update copyright for 2022 2022-01-07 19:04:57 -05:00
protocol_openssl.c Update copyright for 2022 2022-01-07 19:04:57 -05:00
psprintf.c Update copyright for 2022 2022-01-07 19:04:57 -05:00
relpath.c Update copyright for 2022 2022-01-07 19:04:57 -05:00
restricted_token.c Improve frontend error logging style. 2022-04-08 14:55:14 -04:00
rmtree.c Update copyright for 2022 2022-01-07 19:04:57 -05:00
ryu_common.h Update copyright for 2022 2022-01-07 19:04:57 -05:00
saslprep.c Update copyright for 2022 2022-01-07 19:04:57 -05:00
scram-common.c Improve error handling of HMAC computations 2022-01-13 16:17:21 +09:00
sha1.c Update copyright for 2022 2022-01-07 19:04:57 -05:00
sha1_int.h Update copyright for 2022 2022-01-07 19:04:57 -05:00
sha2.c Update copyright for 2022 2022-01-07 19:04:57 -05:00
sha2_int.h Update copyright for 2022 2022-01-07 19:04:57 -05:00
sprompt.c Update copyright for 2022 2022-01-07 19:04:57 -05:00
string.c Update copyright for 2022 2022-01-07 19:04:57 -05:00
stringinfo.c Update copyright for 2022 2022-01-07 19:04:57 -05:00
unicode_norm.c Update copyright for 2022 2022-01-07 19:04:57 -05:00
username.c Update copyright for 2022 2022-01-07 19:04:57 -05:00
wait_error.c Update copyright for 2022 2022-01-07 19:04:57 -05:00
wchar.c Improve code clarity in epilogue of UTF-8 verification fast path 2022-01-17 22:53:50 -05:00