postgres

mirror of https://github.com/postgres/postgres.git synced 2025-05-05 09:19:17 +03:00

History

Richard Guo 34fbfe1f57 Fix integer-overflow problem in scram_SaltedPassword()

Setting the iteration count for SCRAM secret generation to INT_MAX
will cause an infinite loop in scram_SaltedPassword() due to integer
overflow, as the loop uses the "i <= iterations" comparison.  To fix,
use "i < iterations" instead.

Back-patch to v16 where the user-settable GUC scram_iterations has
been added.

Author: Kevin K Biju <kevinkbiju@gmail.com>
Reviewed-by: Richard Guo <guofenglinux@gmail.com>
Reviewed-by: Michael Paquier <michael@paquier.xyz>
Discussion: https://postgr.es/m/CAM45KeEMm8hnxdTOxA98qhfZ9CzGDdgy3mxgJmy0c+2WwjA6Zg@mail.gmail.com

2025-03-26 17:49:57 +09:00

unicode

Clean up newlines following left parentheses

2024-11-26 17:10:07 +01:00

.gitignore

Replace the data structure used for keyword lookup.

2019-01-06 17:02:57 -05:00

archive.c

Update copyright for 2024

2024-01-03 20:49:05 -05:00

base64.c

Update copyright for 2024

2024-01-03 20:49:05 -05:00

binaryheap.c

Revert indexed and enlargable binary heap implementation.

2024-04-11 17:18:05 +09:00

blkreftable.c

Fix incorrect calculation in BlockRefTableEntryGetBlocks.

2024-04-05 13:41:19 -04:00

checksum_helper.c

Update copyright for 2024

2024-01-03 20:49:05 -05:00

compression.c

Update copyright for 2024

2024-01-03 20:49:05 -05:00

config_info.c

Update copyright for 2024

2024-01-03 20:49:05 -05:00

controldata_utils.c

Expose new function get_controlfile_by_exact_path().

2024-03-13 12:06:44 -04:00

cryptohash_openssl.c

Update copyright for 2024

2024-01-03 20:49:05 -05:00

cryptohash.c

Update copyright for 2024

2024-01-03 20:49:05 -05:00

d2s_full_table.h

Update copyright for 2024

2024-01-03 20:49:05 -05:00

d2s_intrinsics.h

Update copyright for 2024

2024-01-03 20:49:05 -05:00

d2s.c

Update copyright for 2024

2024-01-03 20:49:05 -05:00

digit_table.h

Change floating-point output format for improved performance.

2019-02-13 15:20:33 +00:00

encnames.c

Simplify pg_enc2gettext_tbl[] with C99-designated initializer syntax

2024-03-01 18:03:48 +09:00

exec.c

Fix errorhandling for reading from a pipe

2024-03-08 22:53:06 +01:00

f2s.c

Update copyright for 2024

2024-01-03 20:49:05 -05:00

fe_memutils.c

Update copyright for 2024

2024-01-03 20:49:05 -05:00

file_perm.c

Update copyright for 2024

2024-01-03 20:49:05 -05:00

file_utils.c

Update copyright for 2024

2024-01-03 20:49:05 -05:00

hashfn.c

Update copyright for 2024

2024-01-03 20:49:05 -05:00

hmac_openssl.c

Unwind #if spaghetti in hmac_openssl.c a bit.

2024-04-02 10:41:44 -04:00

hmac.c

Update copyright for 2024

2024-01-03 20:49:05 -05:00

ip.c

Update copyright for 2024

2024-01-03 20:49:05 -05:00

jsonapi.c

Typo fix

2024-07-08 22:12:42 +09:00

keywords.c

Update copyright for 2024

2024-01-03 20:49:05 -05:00

kwlookup.c

Update copyright for 2024

2024-01-03 20:49:05 -05:00

link-canary.c

Update copyright for 2024

2024-01-03 20:49:05 -05:00

logging.c

Update copyright for 2024

2024-01-03 20:49:05 -05:00

Makefile

Unicode case mapping tables and functions.

2024-03-07 11:15:06 -08:00

md5_common.c

Fix documentation comment for pg_md5_hash

2024-03-14 09:23:37 +01:00

md5_int.h

Update copyright for 2024

2024-01-03 20:49:05 -05:00

md5.c

Make fallback MD5 implementation thread-safe on big-endian systems

2024-08-07 10:44:00 +03:00

meson.build

meson: Export all libcommon functions in Windows builds

2024-12-25 18:14:26 +02:00

parse_manifest.c

Clean up newlines following left parentheses

2024-11-26 17:10:07 +01:00

percentrepl.c

Update copyright for 2024

2024-01-03 20:49:05 -05:00

pg_get_line.c

Update copyright for 2024

2024-01-03 20:49:05 -05:00

pg_lzcompress.c

Update copyright for 2024

2024-01-03 20:49:05 -05:00

pg_prng.c

Add functions to generate random numbers in a specified range.

2024-03-27 10:12:39 +00:00

pgfnames.c

Update copyright for 2024

2024-01-03 20:49:05 -05:00

protocol_openssl.c

Update copyright for 2024

2024-01-03 20:49:05 -05:00

psprintf.c

Use printf's %m format instead of strerror(errno) in more places

2024-03-12 10:02:54 +09:00

relpath.c

Replace BackendIds with 0-based ProcNumbers

2024-03-03 19:38:22 +02:00

restricted_token.c

2024-01-03 20:49:05 -05:00

rmtree.c

2024-01-03 20:49:05 -05:00

ryu_common.h

2024-01-03 20:49:05 -05:00

saslprep.c

Guard against enormously long input in pg_saslprep().

2024-10-28 14:33:55 -04:00

scram-common.c

Fix integer-overflow problem in scram_SaltedPassword()

2025-03-26 17:49:57 +09:00

sha1_int.h

2024-01-03 20:49:05 -05:00

sha1.c

2024-01-03 20:49:05 -05:00

sha2_int.h

2024-01-03 20:49:05 -05:00

sha2.c

2024-01-03 20:49:05 -05:00

sprompt.c

2024-01-03 20:49:05 -05:00

string.c

2024-01-03 20:49:05 -05:00

stringinfo.c

Add destroyStringInfo function for cleaning up StringInfos

2024-03-16 23:18:28 +01:00

unicode_case.c

Fix incorrect year in some copyright notices added this year

2024-05-15 15:01:21 +12:00

unicode_category.c

Pre-beta mechanical code beautification.

2024-05-14 16:34:50 -04:00

unicode_norm.c

2024-01-03 20:49:05 -05:00

username.c

2024-01-03 20:49:05 -05:00

wait_error.c

2024-01-03 20:49:05 -05:00

wchar.c

Add pg_encoding_set_invalid()

2025-02-10 10:03:38 -05:00