Skip to content

Commit d278541

Browse files
peterepetere
committed
Fix error handling of pg_b64_decode()
Fix for commit 761c795. The previous error handling logic was not quite correct. Discussion: https://www.postgresql.org/message-id/flat/CAEudQAq-3yHsSdWoOOaw%2BgAQYgPMpMGuB5pt2yCXgv-YuxG2Hg%40mail.gmail.com
1 parent ff030eb commit d278541

File tree

1 file changed

+26
-14
lines changed

1 file changed

+26
-14
lines changed

src/interfaces/libpq/fe-connect.c

Lines changed: 26 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -1805,37 +1805,49 @@ pqConnectOptions2(PGconn *conn)
18051805
int len;
18061806

18071807
len = pg_b64_dec_len(strlen(conn->scram_client_key));
1808-
/* Consider the zero-terminator */
1809-
if (len != SCRAM_MAX_KEY_LEN + 1)
1808+
conn->scram_client_key_binary = malloc(len);
1809+
if (!conn->scram_client_key_binary)
1810+
goto oom_error;
1811+
len = pg_b64_decode(conn->scram_client_key, strlen(conn->scram_client_key),
1812+
conn->scram_client_key_binary, len);
1813+
if (len < 0)
1814+
{
1815+
libpq_append_conn_error(conn, "invalid SCRAM client key");
1816+
free(conn->scram_client_key_binary);
1817+
return false;
1818+
}
1819+
if (len != SCRAM_MAX_KEY_LEN)
18101820
{
18111821
libpq_append_conn_error(conn, "invalid SCRAM client key length: %d", len);
1822+
free(conn->scram_client_key_binary);
18121823
return false;
18131824
}
18141825
conn->scram_client_key_len = len;
1815-
conn->scram_client_key_binary = malloc(len);
1816-
if (!conn->scram_client_key_binary)
1817-
goto oom_error;
1818-
pg_b64_decode(conn->scram_client_key, strlen(conn->scram_client_key),
1819-
conn->scram_client_key_binary, len);
18201826
}
18211827

18221828
if (conn->scram_server_key)
18231829
{
18241830
int len;
18251831

18261832
len = pg_b64_dec_len(strlen(conn->scram_server_key));
1827-
/* Consider the zero-terminator */
1828-
if (len != SCRAM_MAX_KEY_LEN + 1)
1833+
conn->scram_server_key_binary = malloc(len);
1834+
if (!conn->scram_server_key_binary)
1835+
goto oom_error;
1836+
len = pg_b64_decode(conn->scram_server_key, strlen(conn->scram_server_key),
1837+
conn->scram_server_key_binary, len);
1838+
if (len < 0)
1839+
{
1840+
libpq_append_conn_error(conn, "invalid SCRAM server key");
1841+
free(conn->scram_server_key_binary);
1842+
return false;
1843+
}
1844+
if (len != SCRAM_MAX_KEY_LEN)
18291845
{
18301846
libpq_append_conn_error(conn, "invalid SCRAM server key length: %d", len);
1847+
free(conn->scram_server_key_binary);
18311848
return false;
18321849
}
18331850
conn->scram_server_key_len = len;
1834-
conn->scram_server_key_binary = malloc(len);
1835-
if (!conn->scram_server_key_binary)
1836-
goto oom_error;
1837-
pg_b64_decode(conn->scram_server_key, strlen(conn->scram_server_key),
1838-
conn->scram_server_key_binary, len);
18391851
}
18401852

18411853
/*

0 commit comments

Comments
 (0)
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy