diff options
| author | Heikki Linnakangas <heikki.linnakangas@iki.fi> | 2017-05-07 19:58:21 +0300 |
|---|---|---|
| committer | Heikki Linnakangas <heikki.linnakangas@iki.fi> | 2017-05-07 19:58:21 +0300 |
| commit | 0186ded5460c4868db8c5f98ab17287c15fedd7e (patch) | |
| tree | 400d9e03db8e625eb3c4ed5ecb331e2a1f2c8ba4 | |
| parent | a54d5875fe0bc19d05236b85e1e1bf0af9fa2902 (diff) | |
| download | postgresql-0186ded5460c4868db8c5f98ab17287c15fedd7e.tar.gz postgresql-0186ded5460c4868db8c5f98ab17287c15fedd7e.zip | |
Fix memory leaks if random salt generation fails.
In the backend, this is just to silence coverity warnings, but in the
frontend, it's a genuine leak, even if extremely rare.
Spotted by Coverity, patch by Michael Paquier.
| -rw-r--r-- | src/backend/libpq/auth-scram.c | 2 | ||||
| -rw-r--r-- | src/interfaces/libpq/fe-auth-scram.c | 4 |
2 files changed, 6 insertions, 0 deletions
diff --git a/src/backend/libpq/auth-scram.c b/src/backend/libpq/auth-scram.c index 8b3da736b1a..3acc2acfe41 100644 --- a/src/backend/libpq/auth-scram.c +++ b/src/backend/libpq/auth-scram.c @@ -411,6 +411,8 @@ pg_be_scram_build_verifier(const char *password) ereport(LOG, (errcode(ERRCODE_INTERNAL_ERROR), errmsg("could not generate random salt"))); + if (prep_password) + pfree(prep_password); return NULL; } diff --git a/src/interfaces/libpq/fe-auth-scram.c b/src/interfaces/libpq/fe-auth-scram.c index 4598774a963..d8a5bbc712a 100644 --- a/src/interfaces/libpq/fe-auth-scram.c +++ b/src/interfaces/libpq/fe-auth-scram.c @@ -638,7 +638,11 @@ pg_fe_scram_build_verifier(const char *password) /* Generate a random salt */ if (!pg_frontend_random(saltbuf, SCRAM_DEFAULT_SALT_LEN)) + { + if (prep_password) + free(prep_password); return NULL; + } result = scram_build_verifier(saltbuf, SCRAM_DEFAULT_SALT_LEN, SCRAM_DEFAULT_ITERATIONS, password); |