From 08e72a644af745cd01314f8440e6d5f0334b1917 Mon Sep 17 00:00:00 2001 From: Tom Lane Date: Thu, 23 Aug 2007 16:16:20 +0000 Subject: [PATCH] Fix combo_decrypt() to throw an error for zero-length input when using a padded encryption scheme. Formerly it would try to access res[(unsigned) -1], which resulted in core dumps on 64-bit machines, and was certainly trouble waiting to happen on 32-bit machines (though in at least the known case it was harmless because that byte would be overwritten after return). Per report from Ken Colson; fix by Marko Kreen. --- contrib/pgcrypto/px.c | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/contrib/pgcrypto/px.c b/contrib/pgcrypto/px.c index ed7e330edc..0fa6dbc2c7 100644 --- a/contrib/pgcrypto/px.c +++ b/contrib/pgcrypto/px.c @@ -26,7 +26,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: px.c,v 1.7 2002/03/06 06:09:10 momjian Exp $ + * $Id: px.c,v 1.7.6.1 2007/08/23 16:16:20 tgl Exp $ */ #include @@ -185,6 +185,18 @@ combo_decrypt(PX_Combo * cx, const uint8 *data, unsigned dlen, PX_Cipher *c = cx->cipher; + /* decide whether zero-length input is allowed */ + if (dlen == 0) + { + /* with padding, empty ciphertext is not allowed */ + if (cx->padding) + return -1; + + /* without padding, report empty result */ + *rlen = 0; + return 0; + } + bs = px_cipher_block_size(c); if (bs > 1 && (dlen % bs) != 0) goto block_error; -- 2.40.0