Project

General

Profile

Actions

Bug #5016

closed

pgsql: fix possible unsigned integer overflow

Added by Juliana Fajardini Reichow almost 3 years ago. Updated about 2 years ago.

Status:
Closed
Priority:
Normal
Target version:
Affected Versions:
Effort:
Difficulty:
Label:

Description

In parser::pgsql_parse_response, when we call take(pseudo_header.1 + 1) may cause an integer overflow.

let (i, pseudo_header) = peek(tuple((be_u8, be_u32)))(i)?;
  let (i, message) = map_parser(
    take(pseudo_header.1 + 1),

(Fixing isn't too trivial due to how underlying nom parsers currently.)

Actions

Also available in: Atom PDF