From: Tom Lane Date: Thu, 23 Aug 2007 16:16:11 +0000 (+0000) Subject: Fix combo_decrypt() to throw an error for zero-length input when using a X-Git-Url: http://git.postgresql.org/gitweb/static/gitweb.js?a=commitdiff_plain;h=0c57c249b5cba28f46a391babb7de24a8d6f5e18;p=users%2Fbernd%2Fpostgres.git Fix combo_decrypt() to throw an error for zero-length input when using a padded encryption scheme. Formerly it would try to access res[(unsigned) -1], which resulted in core dumps on 64-bit machines, and was certainly trouble waiting to happen on 32-bit machines (though in at least the known case it was harmless because that byte would be overwritten after return). Per report from Ken Colson; fix by Marko Kreen. --- diff --git a/contrib/pgcrypto/px.c b/contrib/pgcrypto/px.c index 456d3ed894..70c4685d15 100644 --- a/contrib/pgcrypto/px.c +++ b/contrib/pgcrypto/px.c @@ -185,6 +185,18 @@ combo_decrypt(PX_Combo * cx, const uint8 *data, unsigned dlen, PX_Cipher *c = cx->cipher; + /* decide whether zero-length input is allowed */ + if (dlen == 0) + { + /* with padding, empty ciphertext is not allowed */ + if (cx->padding) + return -1; + + /* without padding, report empty result */ + *rlen = 0; + return 0; + } + bs = px_cipher_block_size(c); if (bs > 1 && (dlen % bs) != 0) goto block_error;