Re: BUG #16476: pgp_sym_encrypt_bytea with compress-level=6 : Wrong key or corrupt data

Kyotaro Horiguchi <horikyota.ntt@gmail.com>

From: Kyotaro Horiguchi <horikyota.ntt@gmail.com>
To: jeff.janes@gmail.com
Cc: frank.gagnepain@intm.fr, pgsql-bugs@lists.postgresql.org
Date: 2020-06-11T11:58:31Z
Lists: pgsql-bugs

Attachments

At Wed, 3 Jun 2020 08:35:02 -0400, Jeff Janes <jeff.janes@gmail.com> wrote in 
> I can reproduce this at any compression level if the data is random (not
> compressible) and exactly 16365 bytes long.  If the data is compressible,
> then you need a longer length of message to reproduce it and it depends on
> the random content and compression level.
> 
> I'm attaching the reproducer as a Perl script.  I have not investigated the
> C code of pgcrypto itself.

Thanks for the reproducer.

Compressed stream must end with a normal packet. If a stream ends with
a complete stream packet, deflator adds a zero-length normal packet at
the end.  decompress_read forgets to read such a terminating packet
when EOF comes at just at the end of the last stream packet. An extra
call to pullf_read at EOF correctly consumes such an extra packet.
The extra call doesn't harm if a stream ends with partial normal
packet.

The reproducer becomes not to fail with the attached patch.

regards.

-- 
Kyotaro Horiguchi
NTT Open Source Software Center

Commits

  1. Fix corner case with 16kB-long decompression in pgcrypto, take 2

  2. Fix ancient violation of zlib's API spec.

  3. Revert "Fix corner case with PGP decompression in pgcrypto"

  4. Fix corner case with PGP decompression in pgcrypto