Fix stack clobber in new uuid-ossp code.

The V5 (SHA1 hashing) code wrote 20 bytes into a 16-byte local variable. This had accidentally failed to fail in my testing and Matteo's, but buildfarm results exposed the problem.

Fix stack clobber in new uuid-ossp code.
The V5 (SHA1 hashing) code wrote 20 bytes into a 16-byte local variable. This had accidentally failed to fail in my testing and Matteo's, but buildfarm results exposed the problem.
2103218d · Tom Lane · 8232d6df · 2103218d
Commit 2103218d authored May 28, 2014 by Tom Lane
Hide whitespace changes
Inline Side-by-side

Showing with 4 additions and 1 deletion

contrib/uuid-ossp/uuid-ossp.c contrib/uuid-ossp/uuid-ossp.c +4 -1

No files found.
--- a/contrib/uuid-ossp/uuid-ossp.c
+++ b/contrib/uuid-ossp/uuid-ossp.c
@@ -316,16 +316,19 @@ uuid_generate_internal(int v, unsigned char *ns, char *ptr, int len)
 					MD5Init(&ctx);
 					MD5Update(&ctx, ns, sizeof(uu));
 					MD5Update(&ctx, (unsigned char *) ptr, len);
+					/* we assume sizeof MD5 result is 16, same as UUID size */
 					MD5Final((unsigned char *) &uu, &ctx);
 				}
 				else
 				{
 					SHA1_CTX	ctx;
+					unsigned char sha1result[SHA1_RESULTLEN];
 					SHA1Init(&ctx);
 					SHA1Update(&ctx, ns, sizeof(uu));
 					SHA1Update(&ctx, (unsigned char *) ptr, len);
-					SHA1Final((unsigned char *) &uu, &ctx);
+					SHA1Final(sha1result, &ctx);
+					memcpy(&uu, sha1result, sizeof(uu));
 				}
 				/* the calculated hash is using local order */