Re: fix for palloc() of user-supplied length
From | Serguei Mokhov |
---|---|
Subject | Re: fix for palloc() of user-supplied length |
Date | |
Msg-id | 004f01c25248$2bc2b9e0$0301a8c0@gunnymede.lan |
In reply to | Re: fix for palloc() of user-supplied length (Bruce Momjian <pgman@candle.pha.pa.us>) |
List | pgsql-patches |
----- Original Message -----
From: "Bruce Momjian" <pgman@candle.pha.pa.us>
Sent: September 02, 2002 1:05 AM

> Would someone submit a patch for this?

Working on it.

-s

> Tom Lane wrote:
> > Neil Conway <neilc@samurai.com> writes:
> > > (2) The length supplied by the user is completely ignored by
> > > the code, and it simply reads the input until it sees a
> > > NULL terminator (read the comments in the code about 10
> > > lines down.) Therefore, any sanity checking on the length
> > > specified by the user is a waste of time.
> >
> > Agreed; the fact that the protocol requires a length word at all is just
> > a hangover from the past. We can read the length word and forget it.
> >
> > I wonder though if it'd be worthwhile to limit the length of the string
> > that we are willing to read from the client in the second step. We are
> > at this point dealing with an unauthenticated user, so we should be
> > untrusting. And I think Sir Mordred has a point: forcing a backend to
> > allocate a lot of memory can be a form of DoS attack.
> >
> > regards, tom lane
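The bounded read discussed in the quoted text, as an added example that is not part of the original message and is not PostgreSQL's code: the length word is read and discarded, and the NUL-terminated string is copied into a fixed buffer with a hard cap. The 4-byte length word, the 1024-byte cap, `conn_t`, `conn_getbyte` and `read_client_string` are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>

/* Assumed cap; the thread proposes a limit but names no value. */
#define MAX_CLIENT_STRING 1024

/* Hypothetical in-memory stand-in for the client connection. */
typedef struct { const unsigned char *data; size_t len, pos; } conn_t;

static int conn_getbyte(conn_t *c) { return c->pos < c->len ? c->data[c->pos++] : -1; }

/*
 * Read and discard the length word (assumed 4 bytes), then copy the
 * NUL-terminated string into out, never storing more than cap bytes.
 * Returns the string length, -1 if input ends early, -2 if over the cap.
 */
int read_client_string(conn_t *c, char *out, size_t cap)
{
    size_t n = 0;
    int i, b;
    if (cap == 0) return -2;
    for (i = 0; i < 4; i++)          /* length word: read and forget */
        if (conn_getbyte(c) < 0)
            return -1;
    for (;;) {
        b = conn_getbyte(c);
        if (b < 0)
            return -1;               /* no terminator before end of input */
        if (b == 0)
            break;
        if (n + 1 >= cap)
            return -2;               /* reject instead of growing the buffer */
        out[n++] = (char) b;
    }
    out[n] = '\0';
    return (int) n;
}

int main(void)
{
    /* Constructed message: huge claimed length, short actual string. */
    const unsigned char msg[] = {0x7f, 0xff, 0xff, 0xff, 'p', 'w', 0};
    conn_t c = { msg, sizeof msg, 0 };
    char buf[MAX_CLIENT_STRING];
    printf("%d\n", read_client_string(&c, buf, sizeof buf));
    return 0;
}
```

Because the buffer is fixed and the read stops at the cap, the amount of memory an unauthenticated client can make the server commit is independent of both the claimed length and the actual input size.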