Fix integer-overflow problem in scram_SaltedPassword() - postgresql.git - This is the main PostgreSQL git repository.

diff options

author	Richard Guo	2025-03-26 08:46:51 +0000
committer	Richard Guo	2025-03-26 08:46:51 +0000
commit	7c82b4f711877b175142bb2b2a6e2c2ee2429441 (patch)
tree	3bb928505abaf48be9b042e6df2d753b59a9075e /doc/src/sgml/postgres-fdw.sgml
parent	787514b30bb7dd0b3484d6cb717e3b9aafc06c4a (diff)

Fix integer-overflow problem in scram_SaltedPassword()

Setting the iteration count for SCRAM secret generation to INT_MAX will cause an infinite loop in scram_SaltedPassword() due to integer overflow, as the loop uses the "i <= iterations" comparison. To fix, use "i < iterations" instead. Back-patch to v16 where the user-settable GUC scram_iterations has been added. Author: Kevin K Biju <kevinkbiju@gmail.com> Reviewed-by: Richard Guo <guofenglinux@gmail.com> Reviewed-by: Michael Paquier <michael@paquier.xyz> Discussion: https://postgr.es/m/CAM45KeEMm8hnxdTOxA98qhfZ9CzGDdgy3mxgJmy0c+2WwjA6Zg@mail.gmail.com

Diffstat (limited to 'doc/src/sgml/postgres-fdw.sgml')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: