postgresql/contrib
Noah Misch b84e5c017c pgcrypto: Report errant decryption as "Wrong key or corrupt data".
This has been the predominant outcome.  When the output of decrypting
with a wrong key coincidentally resembled an OpenPGP packet header,
pgcrypto could instead report "Corrupt data", "Not text data" or
"Unsupported compression algorithm".  The distinct "Corrupt data"
message added no value.  The latter two error messages misled when the
decrypted payload also exhibited fundamental integrity problems.  Worse,
error message variance in other systems has enabled cryptologic attacks;
see RFC 4880 section "14. Security Considerations".  Whether these
pgcrypto behaviors are likewise exploitable is unknown.

In passing, document that pgcrypto does not resist side-channel attacks.
Back-patch to 9.0 (all supported versions).

Security: CVE-2015-3167
2015-05-18 10:02:39 -04:00
..
adminpack
auto_explain Fix auto-explain JSON output to be valid JSON. 2012-02-13 08:23:13 -05:00
btree_gin
btree_gist Support timezone abbreviations that sometimes change. 2014-10-16 15:22:26 -04:00
chkpass Prevent potential overruns of fixed-size buffers. 2014-02-17 11:20:35 -05:00
citext
cube Revert "Fix bogus %name-prefix option syntax in all our Bison files." 2014-05-28 19:29:53 -04:00
dblink Lock down regression testing temporary clusters on Windows. 2014-12-17 22:48:48 -05:00
dict_int Fix bogus code in contrib/ tsearch dictionary examples. 2011-11-03 19:17:59 -04:00
dict_xsyn Fix bogus code in contrib/ tsearch dictionary examples. 2011-11-03 19:17:59 -04:00
earthdistance Remove tabs after spaces in C comments 2014-05-06 11:26:25 -04:00
fuzzystrmatch Add missing va_end() call to a early exit in dmetaphone.c's StringAt(). 2015-01-04 15:35:48 +01:00
hstore Remove tabs after spaces in C comments 2014-05-06 11:26:25 -04:00
intagg
intarray Replace insertion sort in contrib/intarray with qsort(). 2015-03-15 23:22:03 -04:00
isn Fix calculation of ISMN check digit. 2014-01-13 15:44:12 +02:00
lo Defend against bad trigger definitions in contrib/lo's lo_manage() trigger. 2013-11-23 22:46:15 -05:00
ltree Remove tabs after spaces in C comments 2014-05-06 11:26:25 -04:00
oid2name Remove tabs after spaces in C comments 2014-05-06 11:26:25 -04:00
pageinspect Check block number against the correct fork in get_raw_page(). 2014-07-22 11:46:04 -04:00
passwordcheck
pg_archivecleanup Remove tabs after spaces in C comments 2014-05-06 11:26:25 -04:00
pg_buffercache
pg_freespacemap
pg_standby pg_standby: Avoid writing one byte beyond the end of the buffer. 2015-01-15 09:42:47 -05:00
pg_stat_statements Avoid unportable usage of sscanf(UINT64_FORMAT). 2014-05-26 22:23:42 -04:00
pg_trgm Fix possible buffer overrun in contrib/pg_trgm. 2014-01-13 13:07:23 -05:00
pg_upgrade Fix typos 2015-05-17 22:23:35 -04:00
pg_upgrade_support
pgbench Fix resource leak pointed out by Coverity. 2014-12-30 19:37:55 +09:00
pgcrypto pgcrypto: Report errant decryption as "Wrong key or corrupt data". 2015-05-18 10:02:39 -04:00
pgrowlocks
pgstattuple Remove tabs after spaces in C comments 2014-05-06 11:26:25 -04:00
seg Revert "Fix bogus %name-prefix option syntax in all our Bison files." 2014-05-28 19:29:53 -04:00
spi Remove tabs after spaces in C comments 2014-05-06 11:26:25 -04:00
sslinfo Remove tabs after spaces in C comments 2014-05-06 11:26:25 -04:00
start-scripts Fix overly-aggressive and inconsistent quoting in OS X start script. 2011-11-26 13:01:32 -05:00
tablefunc Handle unexpected query results, especially NULLs, safely in connectby(). 2015-01-29 20:18:46 -05:00
test_parser Fix one-byte buffer overrun in contrib/test_parser. 2012-01-09 19:57:33 -05:00
tsearch2
unaccent Fix inadequately-sized output buffer in contrib/unaccent. 2014-07-01 11:23:01 -04:00
uuid-ossp When using the OSSP UUID library, cache its uuid_t state object. 2014-05-29 13:51:15 -04:00
vacuumlo Back-patch contrib/vacuumlo's new -l (limit) option into 9.0 and 9.1. 2012-03-21 13:05:05 -04:00
xml2 Free libxml2/libxslt resources in a safer order. 2014-11-27 11:13:03 -05:00
contrib-global.mk
Makefile
README

The PostgreSQL contrib tree
---------------------------

This subtree contains porting tools, analysis utilities, and plug-in
features that are not part of the core PostgreSQL system, mainly because
they address a limited audience or are too experimental to be part of
the main source tree.  This does not preclude their usefulness.

User documentation for each module appears in the main SGML documentation.

Most items can be built with `gmake all' and installed with
`gmake install' in the usual fashion, after you have run the `configure'
script in the top-level directory.  Some directories supply new
user-defined functions, operators, or types.  In these cases, after you have
installed the files you need to register the new entities in the database
system by running the commands in the supplied .sql file.  For example,

	$ psql -d dbname -f module.sql

See the PostgreSQL documentation for more information about this
procedure.


Index:
------

adminpack -
	File and log manipulation routines, used by pgAdmin
	by Dave Page <dpage@vale-housing.co.uk>

auto_explain -
	Log EXPLAIN output for long-running queries
	by Takahiro Itagaki <itagaki.takahiro@oss.ntt.co.jp>

btree_gin -
	Support for emulating BTREE indexing in GIN
	by Oleg Bartunov <oleg@sai.msu.su> and Teodor Sigaev <teodor@sigaev.ru>

btree_gist -
	Support for emulating BTREE indexing in GiST
	by Oleg Bartunov <oleg@sai.msu.su> and Teodor Sigaev <teodor@sigaev.ru>

chkpass -
	An auto-encrypted password datatype
	by D'Arcy J.M. Cain <darcy@druid.net>

citext -
	A case-insensitive character string datatype
	by David E. Wheeler <david@kineticode.com>

cube -
	Multidimensional-cube datatype (GiST indexing example)
	by Gene Selkov, Jr. <selkovjr@mcs.anl.gov>

dblink -
	Allows remote query execution
	by Joe Conway <mail@joeconway.com>

dict_int -
	Text search dictionary template for integers
	by Sergey Karpov <karpov@sao.ru>

dict_xsyn -
	Text search dictionary template for extended synonym processing
	by Sergey Karpov <karpov@sao.ru>

earthdistance -
	Functions for computing distances between two points on Earth
        by Bruno Wolff III <bruno@wolff.to> and Hal Snyder <hal@vailsys.com>

fuzzystrmatch -
	Levenshtein, metaphone, and soundex fuzzy string matching
	by Joe Conway <mail@joeconway.com> and Joel Burton <jburton@scw.org>

hstore -
	Module for storing (key, value) pairs
	by Oleg Bartunov <oleg@sai.msu.su> and Teodor Sigaev <teodor@sigaev.ru>

intagg -
	Integer aggregator
	by mlw <markw@mohawksoft.com>

intarray -
	Index support for arrays of int4, using GiST
	by Teodor Sigaev <teodor@sigaev.ru> and Oleg Bartunov <oleg@sai.msu.su>

isn -
	PostgreSQL type extensions for ISBN, ISSN, ISMN, EAN13 product numbers
	by Germ<72>n M<>ndez Bravo (Kronuz) <kronuz@hotmail.com>

lo -
	Large Object maintenance
	by Peter Mount <peter@retep.org.uk> 

ltree -
	Tree-like data structures
	by Teodor Sigaev <teodor@sigaev.ru> and Oleg Bartunov <oleg@sai.msu.su>

oid2name - 
	Maps numeric files to table names
	by B Palmer <bpalmer@crimelabs.net>

pageinspect -
	Allows inspection of database pages
	Heikki Linnakangas <heikki@enterprisedb.com>

passwordcheck -
	Simple password strength checker
	Laurenz Albe <laurenz.albe@wien.gv.at>

pg_buffercache -
	Real time queries on the shared buffer cache
	by Mark Kirkwood <markir@paradise.net.nz>

pg_freespacemap -
	Displays the contents of the free space map (FSM)
	by Mark Kirkwood <markir@paradise.net.nz>

pg_standby -
	Sample archive_command for warm standby operation
	by Simon Riggs <simon@2ndquadrant.com>

pg_stat_statements -
	Track statement execution times across a whole database cluster
	by Takahiro Itagaki <itagaki.takahiro@oss.ntt.co.jp>

pg_trgm -
	Functions for determining the similarity of text based on trigram
	matching.
	by Oleg Bartunov <oleg@sai.msu.su> and Teodor Sigaev <teodor@sigaev.ru>

pg_upgrade -
	Support for in-place upgrade between major releases of PostgreSQL
	Bruce Momjian <bruce@momjian.us> and others

pgbench -
	TPC-B like benchmarking tool
	by Tatsuo Ishii <ishii@sraoss.co.jp>

pgcrypto -
	Cryptographic functions
	by Marko Kreen <marko@l-t.ee>

pgrowlocks -
	A function to return row locking information
	by Tatsuo Ishii <ishii@sraoss.co.jp>

pgstattuple -
	Functions to return statistics about "dead" tuples and free
	space within a table
	by Tatsuo Ishii <ishii@sraoss.co.jp>

seg -
	Confidence-interval datatype (GiST indexing example)
	by Gene Selkov, Jr. <selkovjr@mcs.anl.gov>

spi -
	Various trigger functions, examples for using SPI.

sslinfo -
	Functions to get information about SSL certificates
	by Victor Wagner <vitus@cryptocom.ru>

start-scripts - 
	Scripts for starting the server at boot time on various platforms.

tablefunc -
	Examples of functions returning tables
	by Joe Conway <mail@joeconway.com>

test_parser -
	Sample text search parser
	by Sergey Karpov <karpov@sao.ru>

tsearch2 -
	Compatibility package for the pre-8.3 implementation of text search.
	Pavel Stehule <pavel.stehule@gmail.com>, based on code originally by
	Teodor Sigaev <teodor@sigaev.ru> and Oleg Bartunov <oleg@sai.msu.su>.

unaccent -
	Unaccent dictionary for text search
	Teodor Sigaev <teodor@sigaev.ru> and Oleg Bartunov <oleg@sai.msu.su>.

uuid-ossp -
	UUID generation functions
	by Peter Eisentraut <peter_e@gmx.net>

vacuumlo -
	Remove orphaned large objects
	by Peter T Mount <peter@retep.org.uk>

xml2 -
	Storing XML in PostgreSQL
	by John Gray <jgray@azuli.co.uk>