Prevent a double free by not reentering be_tls_close(). - user/sven/postgresql.git

diff options

author	Noah Misch <noah@leadboat.com>	2015-05-18 10:02:31 -0400
committer	Noah Misch <noah@leadboat.com>	2015-05-18 10:02:38 -0400
commit	6675ab595ade396c43ff6c0ee7c99ccb5f0bc6f4 (patch)
tree	c7906b086e3158eda88cd1f00e2916429bde1921 /src/backend/utils/adt/pg_locale.c
parent	b584e45c9d9b70fba06ade7279763acf49e8af14 (diff)

Prevent a double free by not reentering be_tls_close().

Reentering this function with the right timing caused a double free, typically crashing the backend. By synchronizing a disconnection with the authentication timeout, an unauthenticated attacker could achieve this somewhat consistently. Call be_tls_close() solely from within proc_exit_prepare(). Back-patch to 9.0 (all supported versions). Benkocs Norbert Attila Security: CVE-2015-3165

Diffstat (limited to 'src/backend/utils/adt/pg_locale.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: