Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Commit b918bf8

Browse filesBrowse files
tglsfdctglsfdc
committed
Fix combo_decrypt() to throw an error for zero-length input when using a
padded encryption scheme. Formerly it would try to access res[(unsigned) -1], which resulted in core dumps on 64-bit machines, and was certainly trouble waiting to happen on 32-bit machines (though in at least the known case it was harmless because that byte would be overwritten after return). Per report from Ken Colson; fix by Marko Kreen.
1 parent 44b5efb commit b918bf8
Copy full SHA for b918bf8

File tree

Expand file treeCollapse file tree

2 files changed

+16
-2
lines changed
Filter options
Expand file treeCollapse file tree

2 files changed

+16
-2
lines changed

‎contrib/pgcrypto/px.c

Copy file name to clipboardExpand all lines: contrib/pgcrypto/px.c
+14-1Lines changed: 14 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -26,7 +26,7 @@
2626
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
2727
* SUCH DAMAGE.
2828
*
29-
* $PostgreSQL: pgsql/contrib/pgcrypto/px.c,v 1.15 2005/10/15 02:49:06 momjian Exp $
29+
* $PostgreSQL: pgsql/contrib/pgcrypto/px.c,v 1.16 2007/08/23 16:15:51 tgl Exp $
3030
*/
3131

3232
#include "postgres.h"
@@ -58,6 +58,7 @@ static const struct error_desc px_err_list[] = {
5858
{PXE_BAD_SALT_ROUNDS, "Incorrect number of rounds"},
5959
{PXE_MCRYPT_INTERNAL, "mcrypt internal error"},
6060
{PXE_NO_RANDOM, "No strong random source"},
61+
{PXE_DECRYPT_FAILED, "Decryption failed"},
6162
{PXE_PGP_CORRUPT_DATA, "Wrong key or corrupt data"},
6263
{PXE_PGP_CORRUPT_ARMOR, "Corrupt ascii-armor"},
6364
{PXE_PGP_UNSUPPORTED_COMPR, "Unsupported compression algorithm"},
@@ -279,6 +280,18 @@ combo_decrypt(PX_Combo * cx, const uint8 *data, unsigned dlen,
279280

280281
PX_Cipher *c = cx->cipher;
281282

283+
/* decide whether zero-length input is allowed */
284+
if (dlen == 0)
285+
{
286+
/* with padding, empty ciphertext is not allowed */
287+
if (cx->padding)
288+
return PXE_DECRYPT_FAILED;
289+
290+
/* without padding, report empty result */
291+
*rlen = 0;
292+
return 0;
293+
}
294+
282295
bs = px_cipher_block_size(c);
283296
if (bs > 1 && (dlen % bs) != 0)
284297
goto block_error;

‎contrib/pgcrypto/px.h

Copy file name to clipboardExpand all lines: contrib/pgcrypto/px.h
+2-1Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -26,7 +26,7 @@
2626
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
2727
* SUCH DAMAGE.
2828
*
29-
* $PostgreSQL: pgsql/contrib/pgcrypto/px.h,v 1.17 2007/04/06 05:36:50 tgl Exp $
29+
* $PostgreSQL: pgsql/contrib/pgcrypto/px.h,v 1.18 2007/08/23 16:15:51 tgl Exp $
3030
*/
3131

3232
#ifndef __PX_H
@@ -78,6 +78,7 @@ void px_free(void *p);
7878
#define PXE_BAD_SALT_ROUNDS -15
7979
#define PXE_MCRYPT_INTERNAL -16
8080
#define PXE_NO_RANDOM -17
81+
#define PXE_DECRYPT_FAILED -18
8182

8283
#define PXE_MBUF_SHORT_READ -50
8384

0 commit comments

Comments
0 (0)
Morty Proxy This is a proxified and sanitized view of the page, visit original site.