Thread

Commits

  1. Protect against small overread in SASLprep validation

  1. [PATCH] Fix small overread during SASLprep

    Jacob Champion <jacob.champion@enterprisedb.com> — 2024-09-09T15:29:17Z

    Hi all,
    
    pg_utf8_string_len() doesn't check the remaining string length before
    calling pg_utf8_is_legal(), so there's a possibility of jumping a
    couple of bytes past the end of the string. (The overread stops there,
    because the function won't validate a sequence containing a null
    byte.)
    
    Here's a quick patch to fix it. I didn't see any other uses of
    pg_utf8_is_legal() with missing length checks.
    
    Thanks,
    --Jacob
    
  2. Re: [PATCH] Fix small overread during SASLprep

    Daniel Gustafsson <daniel@yesql.se> — 2024-09-09T18:30:07Z

    > On 9 Sep 2024, at 17:29, Jacob Champion <jacob.champion@enterprisedb.com> wrote:
    
    > pg_utf8_string_len() doesn't check the remaining string length before
    > calling pg_utf8_is_legal(), so there's a possibility of jumping a
    > couple of bytes past the end of the string. (The overread stops there,
    > because the function won't validate a sequence containing a null
    > byte.)
    > 
    > Here's a quick patch to fix it. I didn't see any other uses of
    > pg_utf8_is_legal() with missing length checks.
    
    Just to make sure I understand, this is for guarding against overreads in
    validation of strings containing torn MB characters?  Assuming I didn't
    misunderstand you this patch seems correct to me.
    
    --
    Daniel Gustafsson
    
    
    
    
    
  3. Re: [PATCH] Fix small overread during SASLprep

    Jacob Champion <jacob.champion@enterprisedb.com> — 2024-09-09T18:41:11Z

    On Mon, Sep 9, 2024 at 11:30 AM Daniel Gustafsson <daniel@yesql.se> wrote:
    > Just to make sure I understand, this is for guarding against overreads in
    > validation of strings containing torn MB characters?
    
    Right. Our SASLprep code doesn't require/enforce UTF8-encoded inputs.
    
    > Assuming I didn't
    > misunderstand you this patch seems correct to me.
    
    Thanks for the review!
    
    --Jacob
    
    
    
    
  4. Re: [PATCH] Fix small overread during SASLprep

    Daniel Gustafsson <daniel@yesql.se> — 2024-09-09T21:21:16Z

    > On 9 Sep 2024, at 20:41, Jacob Champion <jacob.champion@enterprisedb.com> wrote:
    > 
    > On Mon, Sep 9, 2024 at 11:30 AM Daniel Gustafsson <daniel@yesql.se> wrote:
    >> Just to make sure I understand, this is for guarding against overreads in
    >> validation of strings containing torn MB characters?
    > 
    > Right. Our SASLprep code doesn't require/enforce UTF8-encoded inputs.
    
    Thanks for confirming, I'll have another look in the morning and will apply
    then unless there are objections.
    
    --
    Daniel Gustafsson
    
    
    
    
    
  5. Re: [PATCH] Fix small overread during SASLprep

    Daniel Gustafsson <daniel@yesql.se> — 2024-09-10T11:39:24Z

    > On 9 Sep 2024, at 23:21, Daniel Gustafsson <daniel@yesql.se> wrote:
    > 
    >> On 9 Sep 2024, at 20:41, Jacob Champion <jacob.champion@enterprisedb.com> wrote:
    >> 
    >> On Mon, Sep 9, 2024 at 11:30 AM Daniel Gustafsson <daniel@yesql.se> wrote:
    >>> Just to make sure I understand, this is for guarding against overreads in
    >>> validation of strings containing torn MB characters?
    >> 
    >> Right. Our SASLprep code doesn't require/enforce UTF8-encoded inputs.
    > 
    > Thanks for confirming, I'll have another look in the morning and will apply
    > then unless there are objections.
    
    Pushed, thanks!
    
    --
    Daniel Gustafsson
    
    
    
    
    
  6. Re: [PATCH] Fix small overread during SASLprep

    Jacob Champion <jacob.champion@enterprisedb.com> — 2024-09-10T15:16:32Z

    On Tue, Sep 10, 2024 at 4:39 AM Daniel Gustafsson <daniel@yesql.se> wrote:
    > Pushed, thanks!
    
    Thank you!
    
    --Jacob