> On 29 Jan 2024, at 14:37, Mikhail Gribkov wrote:
> I have tried to analyse Postgres code with Svace static analyzer [1] and
> found something I think is a real bug.
>
> In pgp-decrypt.c, in prefix_init function the following check:
> if (len > sizeof(tmpbuf))
>
> seem to be erroneous and
Hi hackers,
I have tried to analyse Postgres code with Svace static analyzer [1] and
found something I think is a real bug.
In pgp-decrypt.c, in prefix_init function the following check:
if (len > sizeof(tmpbuf))
seem to be erroneous and should really look this way:
if (len > PGP_MAX_BLOCK)
