From: Tom Lane Date: Sat, 14 Feb 2015 17:20:56 +0000 (-0500) Subject: Avoid returning undefined bytes in chkpass_in(). X-Git-Tag: REL9_5_ALPHA1~778 X-Git-Url: http://git.postgresql.org/gitweb/?a=commitdiff_plain;h=80986e85aafd64165efc7f45b330f2f213713032;p=postgresql.git Avoid returning undefined bytes in chkpass_in(). We can't really fix the problem that the result is defined to depend on random(), so it is still going to fail the "unstable input conversion" test in parse_type.c. However, we can at least satify valgrind. (It looks like this code used to be valgrind-clean, actually, until somebody did a careless s/strncpy/strlcpy/g on it.) In passing, let's just make real sure that chkpass_out doesn't overrun its output buffer. No need for backpatch, I think, since this is just to satisfy debugging tools. Asif Naeem --- diff --git a/contrib/chkpass/chkpass.c b/contrib/chkpass/chkpass.c index 283ad9a5388..9425c089b5b 100644 --- a/contrib/chkpass/chkpass.c +++ b/contrib/chkpass/chkpass.c @@ -65,7 +65,7 @@ chkpass_in(PG_FUNCTION_ARGS) /* special case to let us enter encrypted passwords */ if (*str == ':') { - result = (chkpass *) palloc(sizeof(chkpass)); + result = (chkpass *) palloc0(sizeof(chkpass)); strlcpy(result->password, str + 1, 13 + 1); PG_RETURN_POINTER(result); } @@ -75,7 +75,7 @@ chkpass_in(PG_FUNCTION_ARGS) (errcode(ERRCODE_DATA_EXCEPTION), errmsg("password \"%s\" is weak", str))); - result = (chkpass *) palloc(sizeof(chkpass)); + result = (chkpass *) palloc0(sizeof(chkpass)); mysalt[0] = salt_chars[random() & 0x3f]; mysalt[1] = salt_chars[random() & 0x3f]; @@ -107,7 +107,7 @@ chkpass_out(PG_FUNCTION_ARGS) result = (char *) palloc(16); result[0] = ':'; - strcpy(result + 1, password->password); + strlcpy(result + 1, password->password, 15); PG_RETURN_CSTRING(result); }