public inbox for [email protected]
help / color / mirror / Atom feedFrom: Michael Paquier <[email protected]>
To: Alexander Lakhin <[email protected]>
Cc: John Naylor <[email protected]>
Cc: Postgres hackers <[email protected]>
Subject: Re: Non-compliant SASLprep implementation for ASCII characters
Date: Sun, 12 Apr 2026 20:47:10 +0900
Message-ID: <[email protected]> (raw)
In-Reply-To: <[email protected]>
References: <[email protected]>
<CANWCAZbgyvx66qfngNvW0n+uEv3=Bak1X5GLPr4sZApuHDPV-g@mail.gmail.com>
<[email protected]>
<[email protected]>
On Sun, Apr 12, 2026 at 09:00:00AM +0300, Alexander Lakhin wrote:
> That is, strlcpy() tries to evaluate strlen() for src, which contains only
> one byte without null terminator.
Thanks for the report. I don't know why skink is not complaining, but
I do see the failure, and I am able to fix it with the attached. Does
it work on your side?
--
Michael
diff --git a/src/test/modules/test_saslprep/test_saslprep.c b/src/test/modules/test_saslprep/test_saslprep.c
index 70ff7069bf70..121212d4fa21 100644
--- a/src/test/modules/test_saslprep/test_saslprep.c
+++ b/src/test/modules/test_saslprep/test_saslprep.c
@@ -84,7 +84,8 @@ test_saslprep(PG_FUNCTION_ARGS)
* Copy the input given, to make SASLprep() act on a sanitized string.
*/
input_data = palloc0(src_len + 1);
- strlcpy(input_data, src, src_len + 1);
+ memcpy(input_data, src, src_len);
+ input_data[src_len] = '\0';
rc = pg_saslprep(input_data, &result);
status = saslprep_status_to_text(rc);
Attachments:
[text/plain] saslprep-test.patch (611B, 2-saslprep-test.patch)
download | inline diff:
diff --git a/src/test/modules/test_saslprep/test_saslprep.c b/src/test/modules/test_saslprep/test_saslprep.c
index 70ff7069bf70..121212d4fa21 100644
--- a/src/test/modules/test_saslprep/test_saslprep.c
+++ b/src/test/modules/test_saslprep/test_saslprep.c
@@ -84,7 +84,8 @@ test_saslprep(PG_FUNCTION_ARGS)
* Copy the input given, to make SASLprep() act on a sanitized string.
*/
input_data = palloc0(src_len + 1);
- strlcpy(input_data, src, src_len + 1);
+ memcpy(input_data, src, src_len);
+ input_data[src_len] = '\0';
rc = pg_saslprep(input_data, &result);
status = saslprep_status_to_text(rc);
[application/pgp-signature] signature.asc (833B, 3-signature.asc)
download
view thread (9+ messages) latest in thread
reply
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Reply to all the recipients using the --to and --cc options:
reply via email
To: [email protected]
Cc: [email protected], [email protected], [email protected], [email protected]
Subject: Re: Non-compliant SASLprep implementation for ASCII characters
In-Reply-To: <[email protected]>
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox