git.postgresql.org Git - postgresql.git/commitdiff

git projects / postgresql.git / commitdiff

Fix integer-overflow problem in scram_SaltedPassword()

author Richard Guo <rguo@postgresql.org>

2025年3月26日 08:46:51 +0000 (17:46 +0900)

committer Richard Guo <rguo@postgresql.org>

2025年3月26日 08:46:51 +0000 (17:46 +0900)

Setting the iteration count for SCRAM secret generation to INT_MAX
will cause an infinite loop in scram_SaltedPassword() due to integer
overflow, as the loop uses the "i <= iterations" comparison. To fix,
use "i < iterations" instead.

Back-patch to v16 where the user-settable GUC scram_iterations has
been added.

Author: Kevin K Biju <kevinkbiju@gmail.com>
Reviewed-by: Richard Guo <guofenglinux@gmail.com>
Reviewed-by: Michael Paquier <michael@paquier.xyz>
Discussion: https://postgr.es/m/CAM45KeEMm8hnxdTOxA98qhfZ9CzGDdgy3mxgJmy0c+2WwjA6Zg@mail.gmail.com

src/common/scram-common.c patch | blob | blame | history

diff --git a/src/common/scram-common.c b/src/common/scram-common.c

index 400900c51c58410f75a67c6d156eba67312042cc..bfd2a340016cf22bf2d68c8d1a70a27dc63a831c 100644 (file)

--- a/src/common/scram-common.c

+++ b/src/common/scram-common.c

@@ -74,7 +74,7 @@ scram_SaltedPassword(const char *password,

memcpy(result, Ui_prev, key_length);

/* Subsequent iterations */

- for (i = 2; i <= iterations; i++)

+ for (i = 1; i < iterations; i++)

{

#ifndef FRONTEND

This is the main PostgreSQL git repository.

RSS Atom