~ubuntu-branches/ubuntu/utopic/postgresql-9.4/utopic-security

Viewing changes to contrib/pgcrypto/random.c

  • Committer: Package Import Robot
  • Author(s): Martin Pitt, CVE-2014-8161
  • Date: 2015-02-06 12:31:46 UTC
  • mfrom: (1.1.5) (7.1.2 utopic-proposed)
  • Revision ID: package-import@ubuntu.com-20150206123146-vtmf30jbkm7w16p8
Tags: 9.4.1-0ubuntu0.14.10
* New upstream security/bug fix release (LP: #1418928)
  - Fix buffer overruns in to_char() [CVE-2015-0241]
  - Fix buffer overruns in contrib/pgcrypto [CVE-2015-0243]
  - Fix possible loss of frontend/backend protocol synchronization after an
    error [CVE-2015-0244]
  - Fix information leak via constraint-violation error messages
    [CVE-2014-8161]
  - See release notes for details about other fixes:
    http://www.postgresql.org/about/news/1569/

32
32
#include "postgres.h"
33
33
 
34
34
#include "px.h"
 
35
#include "utils/memdebug.h"
35
36
 
36
37
/* how many bytes to ask from system random provider */
37
38
#define RND_BYTES  32
195
196
        memcpy(dst, (uint8 *) &x, sizeof(x));
196
197
        dst += sizeof(x);
197
198
 
198
 
        /* let's be desperate */
 
199
        /* hash of uninitialized stack and heap allocations */
199
200
        res = px_find_digest("sha1", &md);
200
201
        if (res >= 0)
201
202
        {
203
204
                uint8           stack[8192];
204
205
                int                     alloc = 32 * 1024;
205
206
 
 
207
                VALGRIND_MAKE_MEM_DEFINED(stack, sizeof(stack));
206
208
                px_md_update(md, stack, sizeof(stack));
207
209
                ptr = px_alloc(alloc);
 
210
                VALGRIND_MAKE_MEM_DEFINED(ptr, alloc);
208
211
                px_md_update(md, ptr, alloc);
209
212
                px_free(ptr);
210
213
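
Review bot: The two added VALGRIND_MAKE_MEM_DEFINED calls, on stack before the first px_md_update and on ptr after px_alloc, silence the uninitialised-read report, but nothing in the hunk says why that is acceptable. The reworded comment names what is hashed, not that the read is deliberate. Suggest extending that comment to state that the contents of stack and ptr are intentionally left undefined, that the macros exist only to keep Valgrind quiet about this one read, and that the SHA-1 of these buffers is a supplement to the values copied into dst above and must not be counted as entropy, since neither the compiler nor the allocator guarantees what those bytes hold.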