Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

empty sslkey-file causes panic in pgx.Connect #1915

Closed
gabor opened this issue Feb 21, 2024 · 1 comment
Closed

empty sslkey-file causes panic in pgx.Connect #1915

gabor opened this issue Feb 21, 2024 · 1 comment
Labels

Comments

@gabor
Copy link

gabor commented Feb 21, 2024

Describe the bug
if i use an empty-file as the sslkey, pgx will panic.

To Reproduce
create an empty file named key.key
then run this program:

package main

import (
	"context"

	"github.com/jackc/pgx/v5"
)

func main() {
	pgx.Connect(context.Background(), "host=localhost sslkey=key.key sslcert=key.crt")
}

Expected behavior

pgx.Connect should return an error, if the sslkey is an empty file, it should not panic.

Actual behavior
pgx.Connect panics when sslkey is an empty file.
A clear and concise description of what actually happened.

Version

  • Go: go version go1.22.0 darwin/arm64
  • PostgreSQL: postgres is not running
  • pgx: v5.5.3

Additional context
i think the problem is here:

pgx/pgconn/config.go

Lines 723 to 728 in 5c63f64

block, _ := pem.Decode(buf)
var pemKey []byte
var decryptedKey []byte
var decryptedError error
// If PEM is encrypted, attempt to decrypt using pass phrase
if x509.IsEncryptedPEMBlock(block) {

pem.Decode() will return an error, but it is not checked. then x509.IsEncryptedPEMBlock() panics.

@gabor gabor added the bug label Feb 21, 2024
jackc added a commit that referenced this issue Feb 24, 2024
@jackc
Copy link
Owner

jackc commented Feb 24, 2024

Fixed in 8896bd6.

@jackc jackc closed this as completed Feb 24, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

2 participants