Avoid returning undefined bytes in chkpass_in().

We can't really fix the problem that the result is defined to depend on
random(), so it is still going to fail the "unstable input conversion"
test in parse_type.c.  However, we can at least satify valgrind.  (It
looks like this code used to be valgrind-clean, actually, until somebody
did a careless s/strncpy/strlcpy/g on it.)

In passing, let's just make real sure that chkpass_out doesn't overrun
its output buffer.

No need for backpatch, I think, since this is just to satisfy debugging
tools.

Asif Naeem

diff --git a/contrib/chkpass/chkpass.c b/contrib/chkpass/chkpass.c
index 283ad9a5388c6c340eb056a7c5a0214015ba1b3e..9425c089b5b7da0a588fb107cd4aca41bf9c0cc2 100644 (file)
--- a/contrib/chkpass/chkpass.c
+++ b/contrib/chkpass/chkpass.c
@@ -65,7 +65,7 @@ chkpass_in(PG_FUNCTION_ARGS)
    /* special case to let us enter encrypted passwords */
    if (*str == ':')
    {
-       result = (chkpass *) palloc(sizeof(chkpass));
+       result = (chkpass *) palloc0(sizeof(chkpass));
        strlcpy(result->password, str + 1, 13 + 1);
        PG_RETURN_POINTER(result);
    }
@@ -75,7 +75,7 @@ chkpass_in(PG_FUNCTION_ARGS)
                (errcode(ERRCODE_DATA_EXCEPTION),
                 errmsg("password \"%s\" is weak", str)));
 
-   result = (chkpass *) palloc(sizeof(chkpass));
+   result = (chkpass *) palloc0(sizeof(chkpass));
 
    mysalt[0] = salt_chars[random() & 0x3f];
    mysalt[1] = salt_chars[random() & 0x3f];
@@ -107,7 +107,7 @@ chkpass_out(PG_FUNCTION_ARGS)
 
    result = (char *) palloc(16);
    result[0] = ':';
-   strcpy(result + 1, password->password);
+   strlcpy(result + 1, password->password, 15);
 
    PG_RETURN_CSTRING(result);
 }