summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: b1452f5)
raw | patch | inline | side by side (parent: b1452f5)
| author | Tom Lane <tgl@sss.pgh.pa.us> | |
| Fri, 16 Oct 2020 15:59:13 +0000 (11:59 -0400) | ||
| committer | Tom Lane <tgl@sss.pgh.pa.us> | |
| Fri, 16 Oct 2020 15:59:36 +0000 (11:59 -0400) |
In theory, the second px_find_digest call in px_crypt_md5 could fail
even though the first one succeeded, since resource allocation is
required. Don't skip testing for a failure. (If one did happen,
the likely result would be a crash rather than clean recovery from
an OOM failure.)
The code's been like this all along, so back-patch to all supported
branches.
Daniel Gustafsson
Discussion: https://postgr.es/m/AA8D6FE9-4AB2-41B4-98CB-AE64BA668C03@yesql.se
even though the first one succeeded, since resource allocation is
required. Don't skip testing for a failure. (If one did happen,
the likely result would be a crash rather than clean recovery from
an OOM failure.)
The code's been like this all along, so back-patch to all supported
branches.
Daniel Gustafsson
Discussion: https://postgr.es/m/AA8D6FE9-4AB2-41B4-98CB-AE64BA668C03@yesql.se
| contrib/pgcrypto/crypt-md5.c | patch | blob | blame | history |
index 6a09d76989ff3049b4720e8b86fca9ac3045f87d..cb1b97d77868d147b73997f4c1003a1485c66f70 100644 (file)
/* get the length of the true salt */
sl = ep - sp;
- /* */
+ /* we need two PX_MD objects */
err = px_find_digest("md5", &ctx);
if (err)
return NULL;
err = px_find_digest("md5", &ctx1);
+ if (err)
+ {
+ /* this path is possible under low-memory circumstances */
+ px_md_free(ctx);
+ return NULL;
+ }
/* The password first, since that is what is most unknown */
px_md_update(ctx, (const uint8 *) pw, strlen(pw));