mirror of
https://git.postgresql.org/git/postgresql.git
synced 2024-12-21 08:29:39 +08:00
a59ee88197
Coverity points out that mdc_finish returns a pointer to a local buffer (which of course is gone as soon as the function returns), leaving open a risk of misbehaviors possibly as bad as a stack overwrite. In reality, the only possible call site is in process_data_packets() which does not examine the returned pointer at all. So there's no live bug, but nonetheless the code is confusing and risky. Refactor to avoid the issue by letting process_data_packets() call mdc_finish() directly instead of going through the pullf_read() API. Although this is only cosmetic, it seems good to back-patch so that the logic in pgp-decrypt.c stays in sync across all branches. Marko Kreen |
||
|---|---|---|
| .. | ||
| expected | ||
| sql | ||
| .gitignore | ||
| blf.c | ||
| blf.h | ||
| crypt-blowfish.c | ||
| crypt-des.c | ||
| crypt-gensalt.c | ||
| crypt-md5.c | ||
| fortuna.c | ||
| fortuna.h | ||
| imath.c | ||
| imath.h | ||
| internal-sha2.c | ||
| internal.c | ||
| Makefile | ||
| mbuf.c | ||
| mbuf.h | ||
| md5.c | ||
| md5.h | ||
| openssl.c | ||
| pgcrypto--1.0--1.1.sql | ||
| pgcrypto--1.1--1.2.sql | ||
| pgcrypto--1.2.sql | ||
| pgcrypto--unpackaged--1.0.sql | ||
| pgcrypto.c | ||
| pgcrypto.control | ||
| pgcrypto.h | ||
| pgp-armor.c | ||
| pgp-cfb.c | ||
| pgp-compress.c | ||
| pgp-decrypt.c | ||
| pgp-encrypt.c | ||
| pgp-info.c | ||
| pgp-mpi-internal.c | ||
| pgp-mpi-openssl.c | ||
| pgp-mpi.c | ||
| pgp-pgsql.c | ||
| pgp-pubdec.c | ||
| pgp-pubenc.c | ||
| pgp-pubkey.c | ||
| pgp-s2k.c | ||
| pgp.c | ||
| pgp.h | ||
| px-crypt.c | ||
| px-crypt.h | ||
| px-hmac.c | ||
| px.c | ||
| px.h | ||
| random.c | ||
| rijndael.c | ||
| rijndael.h | ||
| rijndael.tbl | ||
| sha1.c | ||
| sha1.h | ||
| sha2.c | ||
| sha2.h | ||