postgresql/src/common
Noah Misch 3f2ab73934 With GB18030, prevent SIGSEGV from reading past end of allocation.
With GB18030 as source encoding, applications could crash the server via
SQL functions convert() or convert_from().  Applications themselves
could crash after passing unterminated GB18030 input to libpq functions
PQescapeLiteral(), PQescapeIdentifier(), PQescapeStringConn(), or
PQescapeString().  Extension code could crash by passing unterminated
GB18030 input to jsonapi.h functions.  All those functions have been
intended to handle untrusted, unterminated input safely.

A crash required allocating the input such that the last byte of the
allocation was the last byte of a virtual memory page.  Some malloc()
implementations take measures against that, making the SIGSEGV hard to
reach.  Back-patch to v13 (all supported versions).

Author: Noah Misch <noah@leadboat.com>
Author: Andres Freund <andres@anarazel.de>
Reviewed-by: Masahiko Sawada <sawada.mshk@gmail.com>
Backpatch-through: 13
Security: CVE-2025-4207
2025-05-05 04:52:08 -07:00
unicode Update copyright for 2021 2021-01-02 13:06:25 -05:00
.gitignore Replace the data structure used for keyword lookup. 2019-01-06 17:02:57 -05:00
archive.c Update copyright for 2021 2021-01-02 13:06:25 -05:00
base64.c Update copyright for 2021 2021-01-02 13:06:25 -05:00
checksum_helper.c Add result size as argument of pg_cryptohash_final() for overflow checks 2021-02-15 10:18:34 +09:00
config_info.c Update copyright for 2021 2021-01-02 13:06:25 -05:00
controldata_utils.c Try to handle torn reads of pg_control in frontend. 2023-10-16 17:23:25 +13:00
cryptohash.c Revert error handling improvements for cryptohashes 2022-01-14 11:25:39 +09:00
cryptohash_openssl.c Revert error handling improvements for cryptohashes 2022-01-14 11:25:39 +09:00
d2s.c Update copyright for 2021 2021-01-02 13:06:25 -05:00
d2s_full_table.h Update copyright for 2021 2021-01-02 13:06:25 -05:00
d2s_intrinsics.h Update copyright for 2021 2021-01-02 13:06:25 -05:00
digit_table.h Change floating-point output format for improved performance. 2019-02-13 15:20:33 +00:00
encnames.c Update copyright for 2021 2021-01-02 13:06:25 -05:00
exec.c Make EXEC_BACKEND more convenient on Linux and FreeBSD. 2023-02-08 13:09:27 +09:00
f2s.c Update copyright for 2021 2021-01-02 13:06:25 -05:00
fe_memutils.c Update copyright for 2021 2021-01-02 13:06:25 -05:00
file_perm.c Update copyright for 2021 2021-01-02 13:06:25 -05:00
file_utils.c Replace pgwin32_is_junction() with lstat(). 2024-11-08 09:36:53 +10:30
hashfn.c Update copyright for 2021 2021-01-02 13:06:25 -05:00
hmac.c Fix incorrect comments in hmac.c and hmac_openssl.c 2022-01-13 09:43:44 +09:00
hmac_openssl.c Fix incorrect comments in hmac.c and hmac_openssl.c 2022-01-13 09:43:44 +09:00
ip.c Update copyright for 2021 2021-01-02 13:06:25 -05:00
jsonapi.c With GB18030, prevent SIGSEGV from reading past end of allocation. 2025-05-05 04:52:08 -07:00
keywords.c Update copyright for 2021 2021-01-02 13:06:25 -05:00
kwlookup.c Update copyright for 2021 2021-01-02 13:06:25 -05:00
link-canary.c Update copyright for 2021 2021-01-02 13:06:25 -05:00
logging.c Update copyright for 2021 2021-01-02 13:06:25 -05:00
Makefile Revert refactoring of hex code to src/common/ 2021-08-19 09:20:19 +09:00
md5.c Make fallback MD5 implementation thread-safe on big-endian systems 2024-08-07 10:44:16 +03:00
md5_common.c Revert error handling improvements for cryptohashes 2022-01-14 11:25:39 +09:00
md5_int.h Update copyright for 2021 2021-01-02 13:06:25 -05:00
pg_get_line.c Update copyright for 2021 2021-01-02 13:06:25 -05:00
pg_lzcompress.c Improve pglz_decompress's defenses against corrupt compressed data. 2023-10-18 20:43:17 -04:00
pgfnames.c Update copyright for 2021 2021-01-02 13:06:25 -05:00
protocol_openssl.c Update copyright for 2021 2021-01-02 13:06:25 -05:00
psprintf.c Update copyright for 2021 2021-01-02 13:06:25 -05:00
relpath.c Update copyright for 2021 2021-01-02 13:06:25 -05:00
restricted_token.c Update copyright for 2021 2021-01-02 13:06:25 -05:00
rmtree.c Update copyright for 2021 2021-01-02 13:06:25 -05:00
ryu_common.h Update copyright for 2021 2021-01-02 13:06:25 -05:00
saslprep.c Guard against enormously long input in pg_saslprep(). 2024-10-28 14:33:55 -04:00
scram-common.c Refactor HMAC implementations 2021-04-03 17:30:49 +09:00
sha1.c Adjust locations which have an incorrect copyright year 2021-06-04 12:19:50 +12:00
sha1_int.h Adjust locations which have an incorrect copyright year 2021-06-04 12:19:50 +12:00
sha2.c Update copyright for 2021 2021-01-02 13:06:25 -05:00
sha2_int.h Update copyright for 2021 2021-01-02 13:06:25 -05:00
sprompt.c Update copyright for 2021 2021-01-02 13:06:25 -05:00
string.c Update copyright for 2021 2021-01-02 13:06:25 -05:00
stringinfo.c Update copyright for 2021 2021-01-02 13:06:25 -05:00
unicode_norm.c Fix buffer overrun in unicode string normalization with empty input 2021-11-11 15:01:45 +09:00
username.c Update copyright for 2021 2021-01-02 13:06:25 -05:00
wait_error.c Update copyright for 2021 2021-01-02 13:06:25 -05:00
wchar.c With GB18030, prevent SIGSEGV from reading past end of allocation. 2025-05-05 04:52:08 -07:00