search

supabase / vault

Extension for storing encrypted secrets in the Vault
Apache License 2.0
163 stars 9 forks source link

Warning message is confusing #3

Closed burmecia closed 1 year ago

burmecia commented 1 year ago

Bug report

The warning message when insert secret data to vault.secrets is confusing, it says problem in alloc set ExprContext, does that mean there is memory leaking?

To Reproduce

wrappers=# select pgsodium.create_key(name := 'tt');
                                                      create_key
----------------------------------------------------------------------------------------------------------------------
 (03790038-8407-4126-bff7-b372e8407fcb,tt,valid,aead-det,6,"\\x7067736f6469756d","2022-11-21 15:30:52.885219+11",,"")
(1 row)

wrappers=#
wrappers=# select id from pgsodium.valid_key where name = 'tt';
                  id
--------------------------------------
 03790038-8407-4126-bff7-b372e8407fcb
(1 row)

wrappers=# INSERT INTO vault.secrets (secret, key_id) VALUES ('some secrets', (select id from pgsodium.valid_key where name = 'tt')) RETURNING key_id;
WARNING:  problem in alloc set ExprContext: detected write past chunk end in block 0x119081800, chunk 0x119081f68
WARNING:  problem in alloc set ExprContext: detected write past chunk end in block 0x119081800, chunk 0x119081f68
                key_id
--------------------------------------
 03790038-8407-4126-bff7-b372e8407fcb
(1 row)

INSERT 0 1
wrappers=#

Expected behavior

There should be no warning message.

Screenshots

N/A

System information

Additional context

N/A

michelp commented 1 year ago

Hmm that's likely not good, but I'm not seeing it on Linux.

The actual bug, almost certainly, is that you're miscomputing the space needed for a variable-size palloc request.

https://www.postgresql.org/message-id/6178.1155825526%40sss.pgh.pa.us

I'll look further into this, thanks!

ioguix commented 1 year ago

Hmm that's likely not good, but I'm not seeing it on Linux

How do you install PostgreSQL? Did you try to compile it with --enable-cassert?

Quoting https://www.postgresql.org/message-id/6178.1155825526%40sss.pgh.pa.us :

The actual bug, almost certainly, is that you're miscomputing the space needed for a variable-size palloc request. But tracking that down will be hard until you find out which chunk it is.

As far as my tests are good, the varlena size allocated is indeed too small because pgsodium doesn't include its VARHDRSZ to the total size. See details here: https://github.com/michelp/pgsodium/issues/43

michelp commented 1 year ago

This is closed with michelp/pgsodium#43