Re: @(#)Mordred Labs advisory 0x0007: Remove DoS in PostgreSQL

From: Shridhar Daithankar
Subject: Re: @(#)Mordred Labs advisory 0x0007: Remove DoS in PostgreSQL
Date:
Msg-id: 3D6A8EAB.31690.244677E0@localhost
In reply to: @(#)Mordred Labs advisory 0x0007: Remove DoS in PostgreSQL  (Sir Mordred The Traitor <mordred@s-mail.com>)
List: pgsql-hackers
On 26 Aug 2002 at 14:46, Sir Mordred The Traitor wrote:
> [snip]
> static int recv_and_check_password0(Port *port) {
>     int32 len;
>     char *buf;
>  
>     if (pq_getint(&len, 4) == EOF)
>         return STATUS_EOF;
>     len -= 4;
>     buf = palloc(len); /* len is taken from a packet */
> [snip]

So that should read,
buf=palloc((len>LENMAX?SAFELEN:len));

is what you want to say? 

sounds good to me.. But if it is taken from the packet, won't that be tripped 
to MTA size? Just a naïve question. Never saw much of postgres code myself..


Bye
 Shridhar

--
Wilcox's Law:    A pat on the back is only a few centimeters from a kick in the 
pants.
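
As an added example (not code from this thread or from PostgreSQL), the sketch below validates a packet-supplied length before allocating, which the quoted snippet does not do; it rejects out-of-range values instead of substituting a smaller allocation size, since a later read of the original `len` bytes into a smaller buffer would overflow it. `read_password_packet`, `PW_MAX_LEN`, the status codes, the in-memory buffer and the sample packets are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

enum { PW_OK = 0, PW_ERROR = -1 };
#define PW_MAX_LEN 1024   /* assumed cap for this sketch, not a PostgreSQL constant */

/* Parse [4-byte big-endian length that counts itself][payload] from a buffer
 * holding `avail` received bytes. On success *out is a NUL-terminated copy. */
static int read_password_packet(const uint8_t *pkt, size_t avail, char **out)
{
    uint32_t raw;
    size_t len;

    *out = NULL;
    if (avail < 4)
        return PW_ERROR;              /* no complete length word */
    raw = ((uint32_t)pkt[0] << 24) | ((uint32_t)pkt[1] << 16) |
          ((uint32_t)pkt[2] << 8) | (uint32_t)pkt[3];
    if (raw < 4)
        return PW_ERROR;              /* "len -= 4" would wrap */
    len = raw - 4;
    if (len == 0 || len > PW_MAX_LEN)
        return PW_ERROR;              /* out of range: reject, do not clamp */
    if (len > avail - 4)
        return PW_ERROR;              /* header claims more than was received */
    if ((*out = malloc(len + 1)) == NULL)
        return PW_ERROR;
    memcpy(*out, pkt + 4, len);
    (*out)[len] = '\0';
    return PW_OK;
}

/* Constructed sample packets. */
static const uint8_t pkt_ok[]   = {0, 0, 0, 10, 's', 'e', 'c', 'r', 'e', 't'};
static const uint8_t pkt_huge[] = {0x7f, 0xff, 0xff, 0xff, 'x'};
static const uint8_t pkt_tiny[] = {0, 0, 0, 2};
static const uint8_t pkt_lie[]  = {0, 0, 0, 100, 'a', 'b'};

int main(void)
{
    char *pw;
    int ok = read_password_packet(pkt_ok, sizeof pkt_ok, &pw) == PW_OK;
    free(pw);
    ok &= read_password_packet(pkt_huge, sizeof pkt_huge, &pw) == PW_ERROR;
    ok &= read_password_packet(pkt_tiny, sizeof pkt_tiny, &pw) == PW_ERROR;
    ok &= read_password_packet(pkt_lie, sizeof pkt_lie, &pw) == PW_ERROR;
    return ok ? 0 : 1;
}
```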


