upstream/postgresql
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2026-05-22 02:08:24 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
postgresql/src/tools
History
Heikki Linnakangas 9dcfcb92ff Add timingsafe_bcmp(), for constant-time memory comparison 
timingsafe_bcmp() should be used instead of memcmp() or a naive
for-loop, when comparing passwords or secret tokens, to avoid leaking
information about the secret token by timing. This commit just
introduces the function but does not change any existing code to use
it yet.

This has been initially applied as of 09be391126 in v18 and newer
versions, and will be used in all the stable branches for an upcoming
fix.

Co-authored-by: Jelte Fennema-Nio <github-tech@jeltef.nl>
Discussion: https://www.postgresql.org/message-id/7b86da3b-9356-4e50-aa1b-56570825e234@iki.fi
Security: CVE-2026-6478
Backpatch-through: 14
2026-05-11 05:13:50 -07:00
..
ci ci: Per-repo configuration for manually trigger tasks 2025-08-14 11:33:51 -04:00
editors Make Emacs perl-mode indent more like perltidy. 2019-01-13 11:32:31 -08:00
ifaddrs Update copyright for 2022 2022-01-07 19:04:57 -05:00
msvc Add timingsafe_bcmp(), for constant-time memory comparison 2026-05-11 05:13:50 -07:00
perlcheck Fix pgperlsyncheck following SSL TAP test refactoring 2022-04-10 09:19:21 -04:00
pginclude Skip SectionMemoryManager.h in cpluspluscheck. 2024-11-28 15:47:17 +13:00
pgindent Consider collation when proving subquery uniqueness 2026-05-05 10:32:42 +09:00
add_commit_links.pl Improve Perl script which adds commit links to release notes 2024-09-19 08:45:32 -04:00
ccsym tools/ccsym: update for modern versions of gcc 2015-01-20 13:02:58 -05:00
check_bison_recursion.pl Update copyright for 2022 2022-01-07 19:04:57 -05:00
codelines Fix remaining stray references to CVS. 2010-09-22 19:51:39 -04:00
copyright.pl Avoid re-writing files unnecessarily in src/tools/copyright.pl. 2022-04-11 11:20:20 -04:00
find_badmacros Remove cvs keywords from all files. 2010-09-20 22:08:53 +02:00
find_static Fix omission of -X (--no-psqlrc) in some psql invocations. 2015-12-28 11:46:43 -05:00
find_typedef Refer to OS X as "macOS", except for the port name which is still "darwin". 2016-09-25 15:40:57 -04:00
fix-old-flex-code.pl Update copyright for 2022 2022-01-07 19:04:57 -05:00
gen_keywordlist.pl Update copyright for 2022 2022-01-07 19:04:57 -05:00
git-external-diff Preserve information on use of git-external-diff 2018-05-24 23:45:31 +09:30
git_changelog Update copyright for 2022 2022-01-07 19:04:57 -05:00
make_ctags Enhance make_ctags and make_etags. 2026-04-10 07:55:16 +09:00
make_etags Improve missing-program error handling in make_ctags and make_etags. 2019-01-13 13:33:50 -05:00
make_mkid Add another pgdefine path check, and a cvs-git change. 2011-08-26 21:52:35 -04:00
mark_pgdllimport.pl Pre-beta mechanical code beautification. 2022-05-12 15:17:30 -04:00
PerfectHash.pm Pre-beta mechanical code beautification. 2022-05-12 15:17:30 -04:00
pgtest pgtest: run clean, build, and check stages separately 2018-07-28 15:34:06 -04:00
RELEASE_CHANGES scripts: add Perl script to add links to release notes 2024-09-16 13:26:37 -04:00
testint128.c Update copyright for 2022 2022-01-07 19:04:57 -05:00
valgrind.supp pgstat: store statistics in shared memory. 2022-04-06 21:29:46 -07:00
version_stamp.pl Update copyright for 2022 2022-01-07 19:04:57 -05:00
win32tzlist.pl Update copyright for 2022 2022-01-07 19:04:57 -05:00