mirror of
https://github.com/postgres/postgres.git
synced 2026-03-16 23:52:13 -04:00
8f8b1ffac0
pgp_sym_decrypt() and pgp_pub_decrypt() will raise such errors, while bytea variants will not. The existing "dat3" test decrypted to non-UTF8 text, so switch that query to bytea. The long-term intent is for type "text" to always be valid in the database encoding. pgcrypto has long been known as a source of exceptions to that intent, but a report about exploiting invalid values of type "text" brought this module to the forefront. This particular exception is straightforward to fix, with reasonable effect on user queries. Back-patch to v14 (all supported versions). Reported-by: Paul Gerste (as part of zeroday.cloud) Reported-by: Moritz Sanft (as part of zeroday.cloud) Author: shihao zhong <zhong950419@gmail.com> Reviewed-by: cary huang <hcary328@gmail.com> Discussion: https://postgr.es/m/CAGRkXqRZyo0gLxPJqUsDqtWYBbgM14betsHiLRPj9mo2=z9VvA@mail.gmail.com Backpatch-through: 14 Security: CVE-2026-2006 |
||
|---|---|---|
| .. | ||
| 3des.sql | ||
| blowfish.sql | ||
| cast5.sql | ||
| crypt-blowfish.sql | ||
| crypt-des.sql | ||
| crypt-md5.sql | ||
| crypt-xdes.sql | ||
| des.sql | ||
| hmac-md5.sql | ||
| hmac-sha1.sql | ||
| init.sql | ||
| md5.sql | ||
| pgp-armor.sql | ||
| pgp-compression.sql | ||
| pgp-decrypt.sql | ||
| pgp-encrypt.sql | ||
| pgp-info.sql | ||
| pgp-pubkey-decrypt.sql | ||
| pgp-pubkey-encrypt.sql | ||
| pgp-pubkey-session.sql | ||
| pgp-zlib-DISABLED.sql | ||
| rijndael.sql | ||
| sha1.sql | ||
| sha2.sql | ||