v1-0001-Avoid-obscure-DES-key-buffer-loop-bounds.patch
application/octet-stream
Filename: v1-0001-Avoid-obscure-DES-key-buffer-loop-bounds.patch
Type: application/octet-stream
Part: 0
Patch
Same data as JSON:
GET /api/v1/attachments/:id/patch
the parsed metadata as JSON — format, series position, per-file stats; never the diff bytes.
API reference →
Format: format-patch
Series: patch v1-0001
Subject: Avoid obscure DES key buffer loop bounds
| File | + | − |
|---|---|---|
| contrib/pgcrypto/crypt-des.c | 5 | 2 |
From 88d7fbd07b2094c101fdd2e8810becfb88db3ec1 Mon Sep 17 00:00:00 2001
From: Ayush Tiwari <ayushtiwari.slg01@gmail.com>
Date: Thu, 30 Apr 2026 02:14:53 +0000
Subject: [PATCH] Avoid obscure DES key buffer loop bounds
px_crypt_des() used pointer subtraction expressions such as
"q - (uint8 *) keybuf - 8" as loop conditions when filling or
updating the eight-byte key buffer. While correct, that form is hard
to read and confuses gcc 16 at -O3 into emitting spurious
-Wstringop-overflow warnings.
Use explicit sizeof(keybuf)-bounded for loops instead. This preserves
the number of bytes processed, makes the bound visible to the
compiler, and applies the clearer form to the similar extended-DES
loop as well.
---
contrib/pgcrypto/crypt-des.c | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/contrib/pgcrypto/crypt-des.c b/contrib/pgcrypto/crypt-des.c
index 98c30ea122e..f556849cbfc 100644
--- a/contrib/pgcrypto/crypt-des.c
+++ b/contrib/pgcrypto/crypt-des.c
@@ -651,6 +651,7 @@ char *
px_crypt_des(const char *key, const char *setting)
{
int i;
+ size_t bytenum;
uint32 count,
salt,
l,
@@ -670,7 +671,7 @@ px_crypt_des(const char *key, const char *setting)
* zeros.
*/
q = (uint8 *) keybuf;
- while (q - (uint8 *) keybuf - 8)
+ for (bytenum = 0; bytenum < sizeof(keybuf); bytenum++)
{
*q++ = *key << 1;
if (*key != '\0')
@@ -714,7 +715,9 @@ px_crypt_des(const char *key, const char *setting)
* And XOR with the next 8 characters of the key.
*/
q = (uint8 *) keybuf;
- while (q - (uint8 *) keybuf - 8 && *key)
+ for (bytenum = 0;
+ bytenum < sizeof(keybuf) && *key;
+ bytenum++)
*q++ ^= *key++ << 1;
if (des_setkey((char *) keybuf))
--
2.43.0