Fix integer-overflow problem in scram_SaltedPassword() Setting the iteration count for SCRAM secret generation to INT_MAX will cause an infinite loop in scram_SaltedPassword() due to integer overflow, as the loop uses the "i <= iterations" comparison. To fix, use "i < iterations" instead.
Back-patch to v16 where the user-settable GUC scram_iterations has been added. Author: Kevin K Biju <kevinkb...@gmail.com> Reviewed-by: Richard Guo <guofengli...@gmail.com> Reviewed-by: Michael Paquier <mich...@paquier.xyz> Discussion: https://postgr.es/m/cam45keemm8hnxdtoxa98qhfz9czgddgy3mxgjmy0c+2wwja...@mail.gmail.com Branch ------ REL_17_STABLE Details ------- https://git.postgresql.org/pg/commitdiff/34fbfe1f57d84163fea4e234bf78d3b5fd5364b1 Modified Files -------------- src/common/scram-common.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
