Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commitf47f314

Browse files
committed
Minor cleanup/future-proofing for pg_saslprep().
Ensure that pg_saslprep() initializes its output argument to NULL inall failure paths, and then remove the redundant initialization thatsome (not all) of its callers did. This does not fix any live bug,but it reduces the odds of future bugs of omission.Also add a comment about why the existing failure-path coding isadequate.Back-patch so as to keep the function's API consistent across branches,again to forestall future bug introduction.Patch by me, reviewed by Michael PaquierDiscussion:https://postgr.es/m/16558.1536407783@sss.pgh.pa.us
1 parent9226a3b commitf47f314

File tree

3 files changed

+12
-7
lines changed

3 files changed

+12
-7
lines changed

‎src/backend/libpq/auth-scram.c

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -453,7 +453,7 @@ pg_be_scram_exchange(void *opaq, char *input, int inputlen,
453453
char*
454454
pg_be_scram_build_verifier(constchar*password)
455455
{
456-
char*prep_password=NULL;
456+
char*prep_password;
457457
pg_saslprep_rcrc;
458458
charsaltbuf[SCRAM_DEFAULT_SALT_LEN];
459459
char*result;
@@ -499,7 +499,7 @@ scram_verify_plain_password(const char *username, const char *password,
499499
uint8stored_key[SCRAM_KEY_LEN];
500500
uint8server_key[SCRAM_KEY_LEN];
501501
uint8computed_key[SCRAM_KEY_LEN];
502-
char*prep_password=NULL;
502+
char*prep_password;
503503
pg_saslprep_rcrc;
504504

505505
if (!parse_scram_verifier(verifier,&iterations,&encoded_salt,

‎src/common/saslprep.c

Lines changed: 8 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1081,6 +1081,9 @@ pg_saslprep(const char *input, char **output)
10811081
unsignedchar*p;
10821082
pg_wchar*wp;
10831083

1084+
/* Ensure we return *output as NULL on failure */
1085+
*output=NULL;
1086+
10841087
/* Check that the password isn't stupendously long */
10851088
if (strlen(input)>MAX_PASSWORD_LENGTH)
10861089
{
@@ -1112,10 +1115,7 @@ pg_saslprep(const char *input, char **output)
11121115
*/
11131116
input_size=pg_utf8_string_len(input);
11141117
if (input_size<0)
1115-
{
1116-
*output=NULL;
11171118
returnSASLPREP_INVALID_UTF8;
1118-
}
11191119

11201120
input_chars=ALLOC((input_size+1)*sizeof(pg_wchar));
11211121
if (!input_chars)
@@ -1246,6 +1246,11 @@ pg_saslprep(const char *input, char **output)
12461246
result=ALLOC(result_size+1);
12471247
if (!result)
12481248
gotooom;
1249+
1250+
/*
1251+
* There are no error exits below here, so the error exit paths don't need
1252+
* to worry about possibly freeing "result".
1253+
*/
12491254
p= (unsignedchar*)result;
12501255
for (wp=output_chars;*wp;wp++)
12511256
{

‎src/interfaces/libpq/fe-auth-scram.c

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -477,7 +477,7 @@ build_client_final_message(fe_scram_state *state)
477477
printfPQExpBuffer(&conn->errorMessage,
478478
"channel binding not supported by this build\n");
479479
returnNULL;
480-
#endif/* HAVE_PGTLS_GET_PEER_CERTIFICATE_HASH */
480+
#endif/* HAVE_PGTLS_GET_PEER_CERTIFICATE_HASH */
481481
}
482482
#ifdefHAVE_PGTLS_GET_PEER_CERTIFICATE_HASH
483483
elseif (conn->ssl_in_use)
@@ -747,7 +747,7 @@ verify_server_signature(fe_scram_state *state)
747747
char*
748748
pg_fe_scram_build_verifier(constchar*password)
749749
{
750-
char*prep_password=NULL;
750+
char*prep_password;
751751
pg_saslprep_rcrc;
752752
charsaltbuf[SCRAM_DEFAULT_SALT_LEN];
753753
char*result;

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp