Fix buffer overrun after incomplete read in pullf_read_max().
Noah Misch <noah@leadboat.com>
Fix buffer overrun after incomplete read in pullf_read_max(). Most callers pass a stack buffer. The ensuing stack smash can crash the server, and we have not ruled out the viability of attacks that lead to privilege escalation. Back-patch to 9.0 (all supported versions). Marko Tiikkaja Security: CVE-2015-0243
Files
| Path | Change | +/− |
|---|---|---|
| contrib/pgcrypto/expected/pgp-info.out | modified | +2 −1 |
| contrib/pgcrypto/expected/pgp-pubkey-decrypt.out | modified | +25 −0 |
| contrib/pgcrypto/mbuf.c | modified | +1 −0 |
| contrib/pgcrypto/sql/pgp-pubkey-decrypt.sql | modified | +26 −0 |