Thread-unsafe MD5 on big-endian systems with no OpenSSL

Heikki Linnakangas <hlinnaka@iki.fi>

From: Heikki Linnakangas <hlinnaka@iki.fi>
To: "pgsql-hackers@postgresql.org" <pgsql-hackers@postgresql.org>
Date: 2024-08-06T12:23:26Z
Lists: pgsql-hackers

Attachments

While browsing through all our global variables for the multithreading 
effort, I noticed that our MD5 implementation in src/common/md5.c uses a 
static buffer on big-endian systems, which makes it not thread-safe. 
That's a bug because that function is also used in libpq.

This was introduced in commit b67b57a966, which replaced the old MD5 
fallback implementation with the one from pgcrypto. The thread-safety 
didn't matter for pgcrypto, but for libpq it does.

This only affects big-endian systems that are compiled without OpenSSL.

-- 
Heikki Linnakangas
Neon (https://neon.tech)

Commits

  1. Make fallback MD5 implementation thread-safe on big-endian systems

  2. Refactor MD5 implementations according to new cryptohash infrastructure