Re: glibc qsort() vulnerability

Mats Kindahl <mats@timescale.com>

From: Mats Kindahl <mats@timescale.com>
To: Tom Lane <tgl@sss.pgh.pa.us>
Cc: pgsql-hackers@lists.postgresql.org
Date: 2024-02-07T09:01:58Z
Lists: pgsql-hackers

Commits

Same data as JSON: GET /api/v1/messages/:b64id/commits the thread's linked commits as JSON, with link sources. API reference →
  1. Use new overflow-safe integer comparison functions.

  2. Introduce overflow-safe integer comparison functions.

  3. Replace calls to pg_qsort() with the qsort() macro.

  4. Switch over to using our own qsort() all the time, as has been proposed

On Tue, Feb 6, 2024 at 4:11 PM Tom Lane <tgl@sss.pgh.pa.us> wrote:

> Mats Kindahl <mats@timescale.com> writes:
> > There is a bug in glibc's qsort() algorithm that runs the risk of
> creating
> > an out-of-bounds error if the comparison function is not transitive, for
> > example, if subtraction is used so that it can create an overflow.
>
> We don't use glibc's qsort.  Have you checked whether there's a
> problem with the code we do use?
>

Interesting. No, haven't checked. Will do that.

Best wishes,
Mats Kindahl

>
>                         regards, tom lane
>