GOMODULES
/
pgx
mirror of https://github.com/jackc/pgx.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
3,868 Commits
61 Branches
101 Tags
7.9 MiB
Commit Graph

4 Commits (04bcc0219dc3acf67f27e68decd6dffe97334779)

Author SHA1 Message Date
Jack Christensen adbb38f298 Do not allow protocol messages larger than ~1GB 
The PostgreSQL server will reject messages greater than ~1 GB anyway.
However, worse than that is that a message that is larger than 4 GB
could wrap the 32-bit integer message size and be interpreted by the
server as multiple messages. This could allow a malicious client to
inject arbitrary protocol messages.

https://github.com/jackc/pgx/security/advisories/GHSA-mrww-27vc-gghv
 2024-03-04 09:09:29 -06:00
Jack Christensen 7f382f5190 Better fuzz testing and fix several bugs it found 
Fix infinite loop in AuthenticationSASL.Decode
Fix panic in CommandComplete.Decode
Fix panic in DataRow.Decode
Fix panic in NotificationResponse.Decode
 2022-07-23 16:13:06 -05:00
Jack Christensen d13f651810 Finish importing pgio as internal package 2022-02-21 14:35:20 -06:00
Jack Christensen 04476c4a13 Move pgproto3 to subdirectory 2022-02-21 11:57:34 -06:00