diff options
| author | Peter Eisentraut <peter@eisentraut.org> | 2025-01-16 09:02:21 +0100 |
|---|---|---|
| committer | Peter Eisentraut <peter@eisentraut.org> | 2025-01-16 09:02:21 +0100 |
| commit | d278541be422f348b10c89c638942c25229c5e07 (patch) | |
| tree | af17d07fcf1864baffa90c88cbd2f61814be0b08 /src | |
| parent | ff030ebe25022bdb90cecb7bfe45c6f863e3be30 (diff) | |
| download | postgresql-d278541be422f348b10c89c638942c25229c5e07.tar.gz postgresql-d278541be422f348b10c89c638942c25229c5e07.zip | |
Fix error handling of pg_b64_decode()
Fix for commit 761c79508e7. The previous error handling logic was not
quite correct.
Discussion: https://www.postgresql.org/message-id/flat/CAEudQAq-3yHsSdWoOOaw%2BgAQYgPMpMGuB5pt2yCXgv-YuxG2Hg%40mail.gmail.com
Diffstat (limited to 'src')
| -rw-r--r-- | src/interfaces/libpq/fe-connect.c | 40 |
1 files changed, 26 insertions, 14 deletions
diff --git a/src/interfaces/libpq/fe-connect.c b/src/interfaces/libpq/fe-connect.c index c7943d549e8..7878e2e33af 100644 --- a/src/interfaces/libpq/fe-connect.c +++ b/src/interfaces/libpq/fe-connect.c @@ -1805,18 +1805,24 @@ pqConnectOptions2(PGconn *conn) int len; len = pg_b64_dec_len(strlen(conn->scram_client_key)); - /* Consider the zero-terminator */ - if (len != SCRAM_MAX_KEY_LEN + 1) + conn->scram_client_key_binary = malloc(len); + if (!conn->scram_client_key_binary) + goto oom_error; + len = pg_b64_decode(conn->scram_client_key, strlen(conn->scram_client_key), + conn->scram_client_key_binary, len); + if (len < 0) + { + libpq_append_conn_error(conn, "invalid SCRAM client key"); + free(conn->scram_client_key_binary); + return false; + } + if (len != SCRAM_MAX_KEY_LEN) { libpq_append_conn_error(conn, "invalid SCRAM client key length: %d", len); + free(conn->scram_client_key_binary); return false; } conn->scram_client_key_len = len; - conn->scram_client_key_binary = malloc(len); - if (!conn->scram_client_key_binary) - goto oom_error; - pg_b64_decode(conn->scram_client_key, strlen(conn->scram_client_key), - conn->scram_client_key_binary, len); } if (conn->scram_server_key) @@ -1824,18 +1830,24 @@ pqConnectOptions2(PGconn *conn) int len; len = pg_b64_dec_len(strlen(conn->scram_server_key)); - /* Consider the zero-terminator */ - if (len != SCRAM_MAX_KEY_LEN + 1) + conn->scram_server_key_binary = malloc(len); + if (!conn->scram_server_key_binary) + goto oom_error; + len = pg_b64_decode(conn->scram_server_key, strlen(conn->scram_server_key), + conn->scram_server_key_binary, len); + if (len < 0) + { + libpq_append_conn_error(conn, "invalid SCRAM server key"); + free(conn->scram_server_key_binary); + return false; + } + if (len != SCRAM_MAX_KEY_LEN) { libpq_append_conn_error(conn, "invalid SCRAM server key length: %d", len); + free(conn->scram_server_key_binary); return false; } conn->scram_server_key_len = len; - conn->scram_server_key_binary = malloc(len); - if (!conn->scram_server_key_binary) - goto oom_error; - pg_b64_decode(conn->scram_server_key, strlen(conn->scram_server_key), - conn->scram_server_key_binary, len); } /* |