]> granicus.if.org Git - postgresql/commit
Fix buffer overflow when processing SCRAM final message in libpq
authorMichael Paquier <michael@paquier.xyz>
Mon, 17 Jun 2019 13:13:57 +0000 (22:13 +0900)
committerMichael Paquier <michael@paquier.xyz>
Mon, 17 Jun 2019 13:13:57 +0000 (22:13 +0900)
commitb67421178880f9df337dc19b8601b54b99efbc78
tree9811078ef059290bdbad80110960bced2250a8de
parent09ec55b933091cb5b0af99978718cb3d289c71b6
Fix buffer overflow when processing SCRAM final message in libpq

When a client connects to a rogue server sending specifically-crafted
messages, this can suffice to execute arbitrary code as the operating
system account used by the client.

While on it, fix one error handling when decoding an incorrect salt
included in the first message received from server.

Author: Michael Paquier
Reviewed-by: Jonathan Katz, Heikki Linnakangas
Security: CVE-2019-10164
Backpatch-through: 10
src/interfaces/libpq/fe-auth-scram.c