Fix memory leaks if random salt generation fails.

hlinnaka · hlinnaka · commit 0186ded5460c · 2017-05-07T19:58:21.000+03:00
In the backend, this is just to silence coverity warnings, but in the
frontend, it's a genuine leak, even if extremely rare.

Spotted by Coverity, patch by Michael Paquier.
diff --git a/src/backend/libpq/auth-scram.c b/src/backend/libpq/auth-scram.c
@@ -411,6 +411,8 @@ pg_be_scram_build_verifier(const char *password)
 		ereport(LOG,
 				(errcode(ERRCODE_INTERNAL_ERROR),
 				 errmsg("could not generate random salt")));
+		if (prep_password)
+			pfree(prep_password);
 		return NULL;
 	}
 
diff --git a/src/interfaces/libpq/fe-auth-scram.c b/src/interfaces/libpq/fe-auth-scram.c
@@ -638,7 +638,11 @@ pg_fe_scram_build_verifier(const char *password)
 
 	/* Generate a random salt */
 	if (!pg_frontend_random(saltbuf, SCRAM_DEFAULT_SALT_LEN))
+	{
+		if (prep_password)
+			free(prep_password);
 		return NULL;
+	}
 
 	result = scram_build_verifier(saltbuf, SCRAM_DEFAULT_SALT_LEN,
 								  SCRAM_DEFAULT_ITERATIONS, password);

Original file line number	Diff line number	Diff line change
`@@ -411,6 +411,8 @@ pg_be_scram_build_verifier(const char *password)`
`411`	`411`	`ereport(LOG,`
`412`	`412`	`(errcode(ERRCODE_INTERNAL_ERROR),`
`413`	`413`	`errmsg("could not generate random salt")));`
	`414`	`+ if (prep_password)`
	`415`	`+ pfree(prep_password);`
`414`	`416`	`return NULL;`
`415`	`417`	`}`
`416`	`418`