Tags: AaronWjf/pgproto3
Tags
Backport fixes from pgx v5 Check for overflow on uint16 sizes in pgproto3 Do not allow protocol messages larger than ~1GB The PostgreSQL server will reject messages greater than ~1 GB anyway. However, worse than that is that a message that is larger than 4 GB could wrap the 32-bit integer message size and be interpreted by the server as multiple messages. This could allow a malicious client to inject arbitrary protocol messages. GHSA-mrww-27vc-gghv
Add support for identifying authentication messages The pgprotocol overloads 'p' messages with PasswordMessage, SASLInitialResponse, SASLResponse, and GSSResponse. This patch allows contextual identification of the message by setting the authType in the frontend and then setting this value in the backend when a AuthenticationResponseMessage is received.
Add support to ErrorResponse for unlocalized severity Add missing 'V' field for unlocalized severity added in PG versions 9.6 and greater. See https://www.postgresql.org/docs/current/protocol-error-fields.html
PreviousNext