summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDaniel Gustafsson2024-09-10 09:02:28 +0000
committerDaniel Gustafsson2024-09-10 09:02:28 +0000
commit390b3cbbb2af3c749587b0697c01c94e0e173510 (patch)
tree1d6432a714488645f471cc62abd042a40f266ecd
parent56fead44dcc70df9f9188fee08e5aefe3da43ccc (diff)
Protect against small overread in SASLprep validation
In case of torn UTF8 in the input data we might end up going past the end of the string since we don't account for length. While validation won't be performed on a sequence with a NULL byte it's better to avoid going past the end to beging with. Fix by taking the length into consideration. Author: Jacob Champion <[email protected]> Reviewed-by: Daniel Gustafsson <[email protected]> Discussion: https://postgr.es/m/CAOYmi+mTnmM172g=_+Yvc47hzzeAsYPy2C4UBY3HK9p-AXNV0g@mail.gmail.com
-rw-r--r--src/common/saslprep.c6
1 files changed, 4 insertions, 2 deletions
diff --git a/src/common/saslprep.c b/src/common/saslprep.c
index 315ccacd7c..78f6fcbd80 100644
--- a/src/common/saslprep.c
+++ b/src/common/saslprep.c
@@ -1004,15 +1004,17 @@ pg_utf8_string_len(const char *source)
const unsigned char *p = (const unsigned char *) source;
int l;
int num_chars = 0;
+ size_t len = strlen(source);
- while (*p)
+ while (len)
{
l = pg_utf_mblen(p);
- if (!pg_utf8_islegal(p, l))
+ if (len < l || !pg_utf8_islegal(p, l))
return -1;
p += l;
+ len -= l;
num_chars++;
}