From c835be32cc9c3f685ae093a35d0368f175ed2a33 Mon Sep 17 00:00:00 2001 From: Tom Lane Date: Wed, 23 Jun 2021 19:24:36 -0400 Subject: [PATCH] pgcrypto: avoid name conflicts with OpenSSL in one more case. I happened to notice that if compiled --with-gssapi, 9.6's contrib/pgcrypto tests report memory stomps for some SHA operations. Both MEMORY_CONTEXT_CHECKING and valgrind agree there's a problem, though nothing crashes; it appears that the buffer overrun only extends into alignment padding, at least on 64-bit hardware. Investigation found that pgcrypto's references to SHA224_Init et al were being captured by the system OpenSSL library, which of course has slightly incompatible definitions of those functions. We long ago noticed this problem with respect to the sibling functions SHA256_Init and so on, and commit 56f44784f introduced renaming macros to dodge the problem for those. However, it didn't cover the SHA224 family because we didn't use that at the time. When commit 1abf76e82 added those awhile later, it neglected to add a similar renaming macro. Better late than never, so do so now. This appears to affect all branches 8.2 - 9.6, so it's surprising nobody noticed before now. Maybe the effect is somehow specific to the way RHEL8 intertwines its GSS and SSL libraries? Anyway, we refactored all this stuff in v10, so newer branches don't have the problem. --- contrib/pgcrypto/sha2.h | 3 +++ 1 file changed, 3 insertions(+) diff --git a/contrib/pgcrypto/sha2.h b/contrib/pgcrypto/sha2.h index 501f0e04463..7e073d99b2c 100644 --- a/contrib/pgcrypto/sha2.h +++ b/contrib/pgcrypto/sha2.h @@ -39,6 +39,9 @@ #define _SHA2_H /* avoid conflict with OpenSSL */ +#define SHA224_Init pg_SHA224_Init +#define SHA224_Update pg_SHA224_Update +#define SHA224_Final pg_SHA224_Final #define SHA256_Init pg_SHA256_Init #define SHA256_Update pg_SHA256_Update #define SHA256_Final pg_SHA256_Final