OSSForks/postgres
1
0
Fork 0
mirror of https://github.com/zebrajr/postgres.git synced 2025-12-06 12:20:15 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity
43b434edef
postgres/contrib/pgcrypto
History
Michael Paquier 95992e5ed9 pgcrypto: Detect errors with EVP calls from OpenSSL 
The following routines are called within pgcrypto when handling digests
but there were no checks for failures:
- EVP_MD_CTX_size (can fail with -1 as of 3.0.0)
- EVP_MD_CTX_block_size (can fail with -1 as of 3.0.0)
- EVP_DigestInit_ex
- EVP_DigestUpdate
- EVP_DigestFinal_ex

A set of elog(ERROR) is added by this commit to detect such failures,
that should never happen except in the event of a processing failure
internal to OpenSSL.

Note that it would be possible to use ERR_reason_error_string() to get
more context about such errors, but these refer mainly to the internals
of OpenSSL, so it is not really obvious how useful that would be.  This
is left out for simplicity.

Per report from Coverity.  Thanks to Tom Lane for the discussion.

Backpatch-through: 9.5
2020-12-08 15:22:59 +09:00
..
expected Fix corner case with 16kB-long decompression in pgcrypto, take 2 2020-07-27 15:59:13 +09:00
sql Fix corner case with 16kB-long decompression in pgcrypto, take 2 2020-07-27 15:59:13 +09:00
.gitignore Support "make check" in contrib 2011-04-25 22:27:11 +03:00
blf.c Remove cvs keywords from all files. 2010-09-20 22:08:53 +02:00
blf.h Remove cvs keywords from all files. 2010-09-20 22:08:53 +02:00
crypt-blowfish.c Get rid of trailing semicolons in C macro definitions. 2020-05-01 17:28:01 -04:00
crypt-des.c Add forgotten CHECK_FOR_INTERRUPT calls in pgcrypto's crypt() 2015-12-27 13:03:19 -03:00
crypt-gensalt.c pgindent run for 9.4 2014-05-06 12:12:18 -04:00
crypt-md5.c Add missing error check in pgcrypto/crypt-md5.c. 2020-10-16 11:59:47 -04:00
fortuna.c Fix typos in comments 2016-02-01 11:43:48 +01:00
fortuna.h pgindent run for 9.4 2014-05-06 12:12:18 -04:00
imath.c Allow btree comparison functions to return INT_MIN. 2018-10-05 16:01:30 -04:00
imath.h pgindent run for 9.4 2014-05-06 12:12:18 -04:00
internal-sha2.c pgindent run for 9.4 2014-05-06 12:12:18 -04:00
internal.c Support OpenSSL 1.1.0. 2016-09-15 12:55:38 +03:00
Makefile Update pgcrypto extension for parallel query. 2016-06-09 17:18:14 -04:00
mbuf.c Fix typos in comments. 2017-02-06 11:34:15 +02:00
mbuf.h pgindent run for 9.4 2014-05-06 12:12:18 -04:00
md5.c pgindent run for 9.4 2014-05-06 12:12:18 -04:00
md5.h pgindent run for 9.4 2014-05-06 12:12:18 -04:00
openssl.c pgcrypto: Detect errors with EVP calls from OpenSSL 2020-12-08 15:22:59 +09:00
pgcrypto--1.1--1.2.sql Add functions for dealing with PGP armor header lines to pgcrypto. 2014-10-01 16:03:39 +03:00
pgcrypto--1.2--1.3.sql Update pgcrypto extension for parallel query. 2016-06-09 17:18:14 -04:00
pgcrypto--1.3.sql Minor fixes in contrib installation scripts. 2016-06-14 10:47:06 -04:00
pgcrypto--1.0--1.1.sql Add gen_random_uuid() to contrib/pgcrypto. 2014-01-17 16:52:06 -05:00
pgcrypto--unpackaged--1.0.sql Fix typos in some error messages thrown by extension scripts when fed to psql. 2014-08-25 18:30:37 +02:00
pgcrypto.c Support OpenSSL 1.1.0. 2016-09-15 12:55:38 +03:00
pgcrypto.control Update pgcrypto extension for parallel query. 2016-06-09 17:18:14 -04:00
pgcrypto.h pgindent run for 9.4 2014-05-06 12:12:18 -04:00
pgp-armor.c Rename base64 routines to avoid conflict with Solaris built-in functions. 2018-02-28 18:33:45 -05:00
pgp-cfb.c pgindent run for 9.4 2014-05-06 12:12:18 -04:00
pgp-compress.c Fix corner case with 16kB-long decompression in pgcrypto, take 2 2020-07-27 15:59:13 +09:00
pgp-decrypt.c Fix misc typos in comments. 2019-01-23 13:46:44 +02:00
pgp-encrypt.c pgcrypto: support changing S2K iteration count 2016-03-09 14:31:07 -03:00
pgp-info.c pgindent run for 9.4 2014-05-06 12:12:18 -04:00
pgp-mpi-internal.c Fix typos in comments. 2017-02-06 11:34:15 +02:00
pgp-mpi-openssl.c Fix typos in comments. 2017-02-06 11:34:15 +02:00
pgp-mpi.c pgindent run for 9.4 2014-05-06 12:12:18 -04:00
pgp-pgsql.c pgcrypto: support changing S2K iteration count 2016-03-09 14:31:07 -03:00
pgp-pubdec.c pgindent run for 9.4 2014-05-06 12:12:18 -04:00
pgp-pubenc.c pgindent run for 9.4 2014-05-06 12:12:18 -04:00
pgp-pubkey.c pgindent run for 9.4 2014-05-06 12:12:18 -04:00
pgp-s2k.c Support OpenSSL 1.1.0. 2016-09-15 12:55:38 +03:00
pgp.c pgcrypto: support changing S2K iteration count 2016-03-09 14:31:07 -03:00
pgp.h pgindent run for 9.6 2016-06-09 18:02:36 -04:00
px-crypt.c Support OpenSSL 1.1.0. 2016-09-15 12:55:38 +03:00
px-crypt.h pgindent run for 9.4 2014-05-06 12:12:18 -04:00
px-hmac.c pgindent run for 9.4 2014-05-06 12:12:18 -04:00
px.c Fix typo 2016-08-09 19:08:00 -04:00
px.h Support OpenSSL 1.1.0. 2016-09-15 12:55:38 +03:00
random.c Prevent Valgrind Memcheck errors around px_acquire_system_randomness(). 2015-02-02 10:00:45 -05:00
rijndael.c pgindent run for 9.4 2014-05-06 12:12:18 -04:00
rijndael.h pgindent run for 9.4 2014-05-06 12:12:18 -04:00
rijndael.tbl Remove useless whitespace at end of lines 2010-11-23 22:34:55 +02:00
sha1.c pgindent run for 9.4 2014-05-06 12:12:18 -04:00
sha1.h Fix typos. 2016-03-15 18:06:11 -04:00
sha2.c pgindent run for 9.4 2014-05-06 12:12:18 -04:00
sha2.h pgindent run for 9.4 2014-05-06 12:12:18 -04:00