Richard Guo 34fbfe1f57 Fix integer-overflow problem in scram_SaltedPassword() ...

Setting the iteration count for SCRAM secret generation to INT_MAX
will cause an infinite loop in scram_SaltedPassword() due to integer
overflow, as the loop uses the "i <= iterations" comparison.  To fix,
use "i < iterations" instead.

Back-patch to v16 where the user-settable GUC scram_iterations has
been added.

Author: Kevin K Biju <kevinkbiju@gmail.com>
Reviewed-by: Richard Guo <guofenglinux@gmail.com>
Reviewed-by: Michael Paquier <michael@paquier.xyz>
Discussion: https://postgr.es/m/CAM45KeEMm8hnxdTOxA98qhfZ9CzGDdgy3mxgJmy0c+2WwjA6Zg@mail.gmail.com

2025-03-26 17:49:57 +09:00

..

backend

Fix rare assertion failure in standby, if primary is restarted

2025-03-23 20:41:52 +02:00

bin

reindexdb: Fix the index-level REINDEX with multiple jobs

2025-03-16 13:29:20 +02:00

common

Fix integer-overflow problem in scram_SaltedPassword()

2025-03-26 17:49:57 +09:00

fe_utils

In fmtIdEnc(), handle failure of enlargePQExpBuffer().

2025-02-16 12:46:35 -05:00

include

Fix broken handling of domains in atthasmissing logic.

2025-03-03 12:43:29 -05:00

interfaces

Translation updates

2025-02-17 17:51:30 +01:00

makefiles

Optimize pg_popcount() with AVX-512 instructions.

2024-04-06 21:56:23 -05:00

pl

Fix plpgsql's handling of simple expressions in scrollable cursors.

2025-03-21 11:30:42 -04:00

port

Assert that wrapper_handler()'s argument is within expected range.

2025-03-07 15:23:09 -06:00

template

Remove AIX support

2024-02-28 15:17:23 +04:00

test

Fix order of -I switches for building pg_regress.o.

2025-03-25 20:03:56 -04:00

timezone

Update time zone data files to tzdata release 2025a.

2025-01-20 16:49:15 -05:00

tools

meson: Flush stdout in testwrap

2025-03-19 09:04:09 -04:00

tutorial

…

.gitignore

…

DEVELOPERS

…

Makefile

…

Makefile.global.in

Update Unicode data to CLDR 45

2024-04-22 09:16:33 +02:00

Makefile.shlib

Remove AIX support

2024-02-28 15:17:23 +04:00

meson.build

…

nls-global.mk

…