Fix two thinkos related to strong random keys.

pg_backend_random() is used for MD5 salt generation, but it can fail, and no checks were done on its status code. Fix memory leak, if generating a random number for a cancel key failed. Both issues were spotted by Coverity. Fix by Michael Paquier.
author: Heikki Linnakangas <heikki.linnakangas@iki.fi> 2016-12-12 09:58:32 +0200
committer: Heikki Linnakangas <heikki.linnakangas@iki.fi> 2016-12-12 09:58:32 +0200
commit: 41493bac36575c93172644d0eab7045aed8dcc17 (patch)
tree: 8ff86758463e3227a4f5bdefd4956509125273d7 /src/backend/libpq/auth.c
parent: ad365b2f91dc57ed1f18839f9f59a2799d276c8d (diff)
download: postgresql-41493bac36575c93172644d0eab7045aed8dcc17.tar.gz
postgresql-41493bac36575c93172644d0eab7045aed8dcc17.zip
1 files changed, 6 insertions, 1 deletions
diff --git a/src/backend/libpq/auth.c b/src/backend/libpq/auth.c
index f8bffe37ddc..2b1841fb9bb 100644
--- a/src/backend/libpq/auth.c
+++ b/src/backend/libpq/auth.c
@@ -715,7 +715,12 @@ CheckMD5Auth(Port *port, char **logdetail)
 				 errmsg("MD5 authentication is not supported when \"db_user_namespace\" is enabled")));
 
 	/* include the salt to use for computing the response */
-	pg_backend_random(md5Salt, 4);
+	if (!pg_backend_random(md5Salt, 4))
+	{
+		ereport(LOG,
+				(errmsg("could not acquire random number for MD5 salt.")));
+		return STATUS_ERROR;
+	}
 
 	sendAuthRequest(port, AUTH_REQ_MD5, md5Salt, 4);
author	Heikki Linnakangas <heikki.linnakangas@iki.fi>	2016-12-12 09:58:32 +0200
committer	Heikki Linnakangas <heikki.linnakangas@iki.fi>	2016-12-12 09:58:32 +0200
commit	41493bac36575c93172644d0eab7045aed8dcc17 (patch)
tree	8ff86758463e3227a4f5bdefd4956509125273d7 /src/backend/libpq/auth.c
parent	ad365b2f91dc57ed1f18839f9f59a2799d276c8d (diff)
download	postgresql-41493bac36575c93172644d0eab7045aed8dcc17.tar.gz postgresql-41493bac36575c93172644d0eab7045aed8dcc17.zip