GOMODULES
/
pgx
mirror of https://github.com/jackc/pgx.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
3,866 Commits
61 Branches
101 Tags
7.9 MiB
Commit Graph

5 Commits (63422c7d6cfe092af402f48e16729acd1e3bae1c)

Author SHA1 Message Date
Jack Christensen 20344dfae8 Check for overflow on uint16 sizes in pgproto3 2024-03-04 09:09:29 -06:00
Jack Christensen adbb38f298 Do not allow protocol messages larger than ~1GB 
The PostgreSQL server will reject messages greater than ~1 GB anyway.
However, worse than that is that a message that is larger than 4 GB
could wrap the 32-bit integer message size and be interpreted by the
server as multiple messages. This could allow a malicious client to
inject arbitrary protocol messages.

https://github.com/jackc/pgx/security/advisories/GHSA-mrww-27vc-gghv
 2024-03-04 09:09:29 -06:00
Jack Christensen a92f1df1df Merge remote-tracking branch 'pgproto3/master' into v5-dev 
Pull in pgproto3 changes and update for pgx v5
 2022-04-23 10:43:48 -05:00
Jack Christensen d13f651810 Finish importing pgio as internal package 2022-02-21 14:35:20 -06:00
Jack Christensen 04476c4a13 Move pgproto3 to subdirectory 2022-02-21 11:57:34 -06:00