Re: Modern SHA2- based password hashes for pgcrypto
Bernd Helmle <mailings@oopsware.de>
From: Bernd Helmle <mailings@oopsware.de>
To: Andres Freund <andres@anarazel.de>, Alvaro Herrera
<alvherre@alvh.no-ip.org>
Cc: Japin Li <japinli@hotmail.com>, PostgreSQL Development <pgsql-hackers@postgresql.org>
Date: 2025-04-07T07:09:39Z
Lists: pgsql-hackers
Am Sonntag, dem 06.04.2025 um 23:02 -0400 schrieb Andres Freund: > Hi, > > On 2025-04-05 19:22:58 +0200, Alvaro Herrera wrote: > > I have pushed this now, hoping it won't explode. > > I have a WIP patch that adds gcc specific allocator attributes for > palloc et > al. Just rebased that. It warns on the new code as follows: > > [1489/1804 42 82%] Compiling C object > contrib/pgcrypto/pgcrypto.so.p/crypt-sha.c.o > ../../../../../home/andres/src/postgresql/contrib/pgcrypto/crypt- > sha.c: In function 'px_crypt_shacrypt': > ../../../../../home/andres/src/postgresql/contrib/pgcrypto/crypt- > sha.c:605:13: warning: pointer 'cp' may be used after 'pfree' [-Wuse- > after-free] > 605 | *cp = '\0'; > | ~~~~^~~~~~ > ../../../../../home/andres/src/postgresql/contrib/pgcrypto/crypt- > sha.c:533:9: note: call to 'pfree' here > 533 | pfree(s_bytes); > | ^~~~~~~~~~~~~~ > > And it sure seems to have a point. I'm surprised this isn't causing > wider > issues... Indeed. I think this assignment is useless anyways, since s_bytes is already allocated with palloc0. I must have overseen this one when rearranging code...but yes, strange that it didn't cause drama. Thanks Bernd
Commits
-
Follow-up fixes for SHA-2 patch (commit 749a9e20c).
- 969ab9d4f5d1 18.0 landed
-
Add modern SHA-2 based password hashes to pgcrypto.
- 749a9e20c979 18.0 landed