upstream/postgresql
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2026-03-01 04:40:42 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
postgresql/src/common
History
Richard Guo 7c82b4f711 Fix integer-overflow problem in scram_SaltedPassword() 
Setting the iteration count for SCRAM secret generation to INT_MAX
will cause an infinite loop in scram_SaltedPassword() due to integer
overflow, as the loop uses the "i <= iterations" comparison.  To fix,
use "i < iterations" instead.

Back-patch to v16 where the user-settable GUC scram_iterations has
been added.

Author: Kevin K Biju <kevinkbiju@gmail.com>
Reviewed-by: Richard Guo <guofenglinux@gmail.com>
Reviewed-by: Michael Paquier <michael@paquier.xyz>
Discussion: https://postgr.es/m/CAM45KeEMm8hnxdTOxA98qhfZ9CzGDdgy3mxgJmy0c+2WwjA6Zg@mail.gmail.com
2025-03-26 17:46:51 +09:00
..
unicode Fix headerscheck warning. 2025-03-18 08:37:07 -07:00
.gitignore Replace the data structure used for keyword lookup. 2019-01-06 17:02:57 -05:00
archive.c Update copyright for 2025 2025-01-01 11:21:55 -05:00
base64.c Update copyright for 2025 2025-01-01 11:21:55 -05:00
binaryheap.c Update copyright for 2025 2025-01-01 11:21:55 -05:00
blkreftable.c Revert workarounds for -Wmissing-braces false positives on old GCC 2025-03-20 11:25:58 +01:00
checksum_helper.c Update copyright for 2025 2025-01-01 11:21:55 -05:00
compression.c Update copyright for 2025 2025-01-01 11:21:55 -05:00
config_info.c Update copyright for 2025 2025-01-01 11:21:55 -05:00
controldata_utils.c Remove various unnecessary (char *) casts 2025-02-20 19:49:27 +01:00
cryptohash.c Update copyright for 2025 2025-01-01 11:21:55 -05:00
cryptohash_openssl.c Update copyright for 2025 2025-01-01 11:21:55 -05:00
d2s.c Update copyright for 2025 2025-01-01 11:21:55 -05:00
d2s_full_table.h Update copyright for 2025 2025-01-01 11:21:55 -05:00
d2s_intrinsics.h Update copyright for 2025 2025-01-01 11:21:55 -05:00
digit_table.h Change floating-point output format for improved performance. 2019-02-13 15:20:33 +00:00
encnames.c Update copyright for 2025 2025-01-01 11:21:55 -05:00
exec.c Update copyright for 2025 2025-01-01 11:21:55 -05:00
f2s.c Update copyright for 2025 2025-01-01 11:21:55 -05:00
fe_memutils.c Update copyright for 2025 2025-01-01 11:21:55 -05:00
file_perm.c Update copyright for 2025 2025-01-01 11:21:55 -05:00
file_utils.c pg_upgrade: Add --swap for faster file transfer. 2025-03-25 16:02:35 -05:00
hashfn.c Update copyright for 2025 2025-01-01 11:21:55 -05:00
hmac.c Update copyright for 2025 2025-01-01 11:21:55 -05:00
hmac_openssl.c Update copyright for 2025 2025-01-01 11:21:55 -05:00
ip.c Update copyright for 2025 2025-01-01 11:21:55 -05:00
jsonapi.c Be clearer about when jsonapi's need_escapes is needed 2025-01-19 09:09:58 -05:00
keywords.c Update copyright for 2025 2025-01-01 11:21:55 -05:00
kwlookup.c Update copyright for 2025 2025-01-01 11:21:55 -05:00
link-canary.c Update copyright for 2025 2025-01-01 11:21:55 -05:00
logging.c Update copyright for 2025 2025-01-01 11:21:55 -05:00
Makefile common/jsonapi: support libpq as a client 2024-09-11 09:01:07 +02:00
md5.c Update copyright for 2025 2025-01-01 11:21:55 -05:00
md5_common.c Update copyright for 2025 2025-01-01 11:21:55 -05:00
md5_int.h Update copyright for 2025 2025-01-01 11:21:55 -05:00
meson.build Update copyright for 2025 2025-01-01 11:21:55 -05:00
parse_manifest.c pg_noreturn to replace pg_attribute_noreturn() 2025-03-13 12:37:26 +01:00
percentrepl.c Update copyright for 2025 2025-01-01 11:21:55 -05:00
pg_get_line.c Update copyright for 2025 2025-01-01 11:21:55 -05:00
pg_lzcompress.c Update copyright for 2025 2025-01-01 11:21:55 -05:00
pg_prng.c Update copyright for 2025 2025-01-01 11:21:55 -05:00
pgfnames.c Update copyright for 2025 2025-01-01 11:21:55 -05:00
psprintf.c Update copyright for 2025 2025-01-01 11:21:55 -05:00
relpath.c Change relpath() et al to return path by value 2025-02-25 09:02:07 -05:00
restricted_token.c Update copyright for 2025 2025-01-01 11:21:55 -05:00
rmtree.c Update copyright for 2025 2025-01-01 11:21:55 -05:00
ryu_common.h Update copyright for 2025 2025-01-01 11:21:55 -05:00
saslprep.c Update copyright for 2025 2025-01-01 11:21:55 -05:00
scram-common.c Fix integer-overflow problem in scram_SaltedPassword() 2025-03-26 17:46:51 +09:00
sha1.c Update copyright for 2025 2025-01-01 11:21:55 -05:00
sha1_int.h Update copyright for 2025 2025-01-01 11:21:55 -05:00
sha2.c Update copyright for 2025 2025-01-01 11:21:55 -05:00
sha2_int.h Update copyright for 2025 2025-01-01 11:21:55 -05:00
sprompt.c Update copyright for 2025 2025-01-01 11:21:55 -05:00
string.c Update copyright for 2025 2025-01-01 11:21:55 -05:00
stringinfo.c Fix a compiler warning in initStringInfo(). 2025-01-11 15:52:37 +09:00
unicode_case.c Fix headerscheck warning. 2025-03-18 08:37:07 -07:00
unicode_category.c Update copyright for 2025 2025-01-01 11:21:55 -05:00
unicode_norm.c Update copyright for 2025 2025-01-01 11:21:55 -05:00
username.c Update copyright for 2025 2025-01-01 11:21:55 -05:00
wait_error.c Update copyright for 2025 2025-01-01 11:21:55 -05:00
wchar.c Add pg_encoding_set_invalid() 2025-02-10 10:03:37 -05:00