database/postgres
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2025-07-23 03:21:12 +03:00
Code Activity

Fix stack clobber in new uuid-ossp code.

Browse Source 
The V5 (SHA1 hashing) code wrote 20 bytes into a 16-byte local variable.
This had accidentally failed to fail in my testing and Matteo's, but
buildfarm results exposed the problem.
This commit is contained in:
Tom Lane
2014-05-28 11:50:41 -04:00
parent 8232d6df4c
commit 2103218dd4
1 changed files with 4 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
contrib/uuid-ossp/uuid-ossp.c
View File

@ -316,16 +316,19 @@ uuid_generate_internal(int v, unsigned char *ns, char *ptr, int len)
MD5Init(&ctx); MD5Init(&ctx);
MD5Update(&ctx, ns, sizeof(uu)); MD5Update(&ctx, ns, sizeof(uu));
MD5Update(&ctx, (unsigned char *) ptr, len); MD5Update(&ctx, (unsigned char *) ptr, len);
/* we assume sizeof MD5 result is 16, same as UUID size */
MD5Final((unsigned char *) &uu, &ctx); MD5Final((unsigned char *) &uu, &ctx);
} }
else else
{ {
SHA1_CTX ctx; SHA1_CTX ctx;
unsigned char sha1result[SHA1_RESULTLEN];
SHA1Init(&ctx); SHA1Init(&ctx);
SHA1Update(&ctx, ns, sizeof(uu)); SHA1Update(&ctx, ns, sizeof(uu));
SHA1Update(&ctx, (unsigned char *) ptr, len); SHA1Update(&ctx, (unsigned char *) ptr, len);
SHA1Final((unsigned char *) &uu, &ctx); SHA1Final(sha1result, &ctx);
memcpy(&uu, sha1result, sizeof(uu));
} }
/* the calculated hash is using local order */ /* the calculated hash is using local order */