pgcrypto: Detect and report too-short crypt() salts.

Certain short salts crashed the backend or disclosed a few bytes of backend memory. For existing salt-induced error conditions, emit a message saying as much. Back-patch to 9.0 (all supported versions). Josh Kupershmidt Security: CVE-2015-5288
author: Noah Misch 2015-10-05 14:06:29 +0000
committer: Noah Misch 2015-10-05 14:06:29 +0000
commit: 1d812c8b059d0b9b1fba4a459c9876de0f6259b6 (patch)
tree: 567ebc7798e9792adb395a26f48c8a57dd1b4001 /contrib/pgcrypto/px-crypt.c
parent: 2ca9d5445c35db8956e4abbf1e653373820e8c0a (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/contrib/pgcrypto/px-crypt.c b/contrib/pgcrypto/px-crypt.c
index 7b003a76ca6..e3246fc5b9d 100644
--- a/contrib/pgcrypto/px-crypt.c
+++ b/contrib/pgcrypto/px-crypt.c
@@ -42,7 +42,7 @@ run_crypt_des(const char *psw, const char *salt,
 	char	   *res;
 
 	res = px_crypt_des(psw, salt);
-	if (strlen(res) > len - 1)
+	if (res == NULL || strlen(res) > len - 1)
 		return NULL;
 	strcpy(buf, res);
 	return buf;
author	Noah Misch	2015-10-05 14:06:29 +0000
committer	Noah Misch	2015-10-05 14:06:29 +0000
commit	1d812c8b059d0b9b1fba4a459c9876de0f6259b6 (patch)
tree	567ebc7798e9792adb395a26f48c8a57dd1b4001 /contrib/pgcrypto/px-crypt.c
parent	2ca9d5445c35db8956e4abbf1e653373820e8c0a (diff)