Guard against send-lots-and-lots-of-data DoS attack from unauthenticated
Tom Lane <tgl@sss.pgh.pa.us>
Guard against send-lots-and-lots-of-data DoS attack from unauthenticated users, by limiting the length of string we will accept for a password. Patch by Serguei Mokhov, some editorializing by Tom Lane.
Files
| Path | Change | +/− |
|---|---|---|
| src/backend/libpq/auth.c | modified | +4 −5 |
| src/backend/libpq/be-secure.c | modified | +2 −2 |
| src/backend/libpq/pqcomm.c | modified | +16 −5 |
| src/backend/libpq/pqformat.c | modified | +10 −8 |
| src/include/libpq/libpq.h | modified | +2 −2 |
| src/include/libpq/pqformat.h | modified | +4 −2 |