Fix integer-overflow problem in scram_SaltedPassword() Setting the iteration count for SCRAM secret generation to INT_MAX will cause an infinite loop in scram_SaltedPassword() due to integer overflow, as the loop uses the "i <= iterations" comparison. To fix, use "i < iterations" instead.
Back-patch to v16 where the user-settable GUC scram_iterations has been added. Author: Kevin K Biju <kevinkb...@gmail.com> Reviewed-by: Richard Guo <guofengli...@gmail.com> Reviewed-by: Michael Paquier <mich...@paquier.xyz> Discussion: https://postgr.es/m/cam45keemm8hnxdtoxa98qhfz9czgddgy3mxgjmy0c+2wwja...@mail.gmail.com Branch ------ master Details ------- https://git.postgresql.org/pg/commitdiff/7c82b4f711877b175142bb2b2a6e2c2ee2429441 Modified Files -------------- src/common/scram-common.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
