Potential use of uninitialized context in pgcrypto

Started by Daniel Gustafsson over 5 years ago, 2 messages, pgsql-hackers
#1 Daniel Gustafsson
daniel@yesql.se

In px_crypt_md5() we have this section, with the second assignment to err being
unchecked:

    /* */
    err = px_find_digest("md5", &ctx);
    if (err)
        return NULL;
    err = px_find_digest("md5", &ctx1);

Even though we know that the digest algorithm exists when we reach the second
call, we must check the return value from each call to px_find_digest to handle
allocation errors. Depending on which lib is backing pgcrypto, px_find_digest
may perform resource allocation which can fail on the subsequent call. It does
fall in the not-terrible-likely-to-happen category but there is a non-zero risk
which would lead to using a broken context. The attached checks the err
return value and exits in case it indicates an error.

cheers ./daniel

Attachments:

pgcrypto_digest_error.patch (application/octet-stream)
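As an added illustration (not pgcrypto's code and not the attached patch), a small C model of the two-lookup pattern: find_digest stands in for px_find_digest with a fault injector so the second lookup can fail, and the unchecked form is shown beside the checked one. digest_ctx, fail_on and calls are hypothetical names.

```c
#include <stdlib.h>
#include <string.h>

/* Constructed model of a pgcrypto-style digest context (hypothetical). */
typedef struct { char name[8]; int ready; } digest_ctx;

/* Hypothetical fault injector: lookup number `fail_on` fails to allocate. */
static int fail_on = 0, calls = 0;

/* Model of px_find_digest(): 0 on success, -1 on (simulated) allocation
 * failure, in which case *out is left NULL like a real failed lookup. */
static int find_digest(const char *name, digest_ctx **out)
{
    *out = NULL;
    if (++calls == fail_on || (*out = malloc(sizeof **out)) == NULL)
        return -1;
    strncpy((*out)->name, name, sizeof (*out)->name - 1);
    (*out)->name[sizeof (*out)->name - 1] = '\0';
    (*out)->ready = 1;
    return 0;
}

/* The pattern from the report: the second lookup's return value is ignored.
 * Returns 1 if the caller would go on with an unusable context, 0 if both
 * contexts were valid, -1 if the first (checked) lookup failed. */
int lookup_unchecked(int fail_at)
{
    digest_ctx *ctx, *ctx1;
    int err, bad;
    fail_on = fail_at; calls = 0;
    err = find_digest("md5", &ctx);
    if (err)
        return -1;
    err = find_digest("md5", &ctx1);   /* err not examined: the bug */
    bad = (ctx1 == NULL);              /* real code would dereference here */
    free(ctx); free(ctx1);
    return bad;
}

/* The checked pattern: every lookup tested; releasing the first context
 * before bailing out is this model's cleanup choice, not the patch's. */
int lookup_checked(int fail_at)
{
    digest_ctx *ctx, *ctx1;
    int err;
    fail_on = fail_at; calls = 0;
    err = find_digest("md5", &ctx);
    if (err)
        return -1;
    err = find_digest("md5", &ctx1);
    if (err) { free(ctx); return -1; }
    free(ctx); free(ctx1);
    return 0;                          /* both contexts usable */
}
```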
#2 Tom Lane
tgl@sss.pgh.pa.us
In reply to: Daniel Gustafsson (#1)
Re: Potential use of uninitialized context in pgcrypto

Daniel Gustafsson <daniel@yesql.se> writes:

> Even though we know that the digest algorithm exists when we reach the second
> call, we must check the return value from each call to px_find_digest to handle
> allocation errors.

Agreed, it's a bug. Will push in a bit.

regards, tom lane