Prevent a double free by not reentering be_tls_close(). - user/sven/postgresql.git

diff options

author	Noah Misch <noah@leadboat.com>	2015-05-18 10:02:31 -0400
committer	Noah Misch <noah@leadboat.com>	2015-05-18 10:02:37 -0400
commit	439ff9b6b9de435e1c92d05221cfbcb7ff80e150 (patch)
tree	56195bd242f119e88858faf3fd128cf8ae88dda0 /contrib/btree_gist/expected/interval.out
parent	6f8b6abd97711ea4f5f4f7bf92d93d32156e15d4 (diff)

Prevent a double free by not reentering be_tls_close().

Reentering this function with the right timing caused a double free, typically crashing the backend. By synchronizing a disconnection with the authentication timeout, an unauthenticated attacker could achieve this somewhat consistently. Call be_tls_close() solely from within proc_exit_prepare(). Back-patch to 9.0 (all supported versions). Benkocs Norbert Attila Security: CVE-2015-3165

Diffstat (limited to 'contrib/btree_gist/expected/interval.out')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: