public inbox for [email protected]  
From: Noah Misch <[email protected]>
To: [email protected]
Subject: pgsql: refint: Fix SQL injection and buffer overruns.
Date: Mon, 11 May 2026 12:19:41 +0000
Message-ID: <[email protected]> (raw)

refint: Fix SQL injection and buffer overruns.

Maliciously crafted key value updates could achieve SQL injection
within check_foreign_key().  To fix, ensure new key values are
properly quoted and escaped in the internally generated SQL
statements.  While at it, avoid potential buffer overruns by
replacing the stack buffers for internally generated SQL statements
with StringInfo.

Reported-by: Nikolay Samokhvalov <[email protected]>
Author: Nathan Bossart <[email protected]>
Reviewed-by: Noah Misch <[email protected]>
Reviewed-by: Tom Lane <[email protected]>
Reviewed-by: Fujii Masao <[email protected]>
Security: CVE-2026-6637
Backpatch-through: 14

Branch
------
REL_14_STABLE

Details
-------
https://git.postgresql.org/pg/commitdiff/2b026df29c1e1caafb259a2021528a28ec484018
Author: Nathan Bossart <[email protected]>

Modified Files
--------------
contrib/spi/refint.c | 84 ++++++++++++++++++++++++----------------------------
1 file changed, 38 insertions(+), 46 deletions(-)
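
An added illustration of the two changes the commit message describes, not the code from this commit or from PostgreSQL: a key value is appended to generated SQL as a quoted, escaped literal, and the statement is built in a growable buffer instead of a fixed stack array. The sbuf type, build_update() and the table and column names are hypothetical, and the sample key value is constructed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical growable buffer standing in for a StringInfo-style type. */
typedef struct { char *data; size_t len, cap; } sbuf;

static void sbuf_append(sbuf *b, const char *s, size_t n) {
    if (b->len + n + 1 > b->cap) {          /* grow instead of overrunning */
        size_t cap = b->cap ? b->cap : 64;
        while (cap < b->len + n + 1) cap *= 2;
        b->data = realloc(b->data, cap);
        if (b->data == NULL) abort();
        b->cap = cap;
    }
    memcpy(b->data + b->len, s, n);
    b->len += n;
    b->data[b->len] = '\0';
}

/* Append val as one SQL string literal: double every ' and \, and use the
 * E'' form when a backslash is present, whatever standard_conforming_strings is. */
static void sbuf_append_literal(sbuf *b, const char *val) {
    if (strchr(val, '\\') != NULL)
        sbuf_append(b, "E", 1);
    sbuf_append(b, "'", 1);
    for (const char *p = val; *p; p++) {
        if (*p == '\'' || *p == '\\')
            sbuf_append(b, p, 1);           /* escape by doubling */
        sbuf_append(b, p, 1);
    }
    sbuf_append(b, "'", 1);
}

/* Only newkey is untrusted; table and col are assumed trusted identifiers. */
char *build_update(const char *table, const char *col, const char *newkey) {
    sbuf b = {0};
    const char *parts[] = {"UPDATE ", table, " SET ", col, " = "};
    for (size_t i = 0; i < sizeof parts / sizeof parts[0]; i++)
        sbuf_append(&b, parts[i], strlen(parts[i]));
    sbuf_append_literal(&b, newkey);
    return b.data;                          /* caller frees */
}

int main(void) {
    char *q = build_update("child", "parent_id", "O'Brien"); /* constructed */
    puts(q);
    free(q);
    return 0;
}
```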
