Add missing error check in pgcrypto/crypt-md5.c.

In theory, the second px_find_digest call in px_crypt_md5 could fail
even though the first one succeeded, since resource allocation is
required.  Don't skip testing for a failure.  (If one did happen,
the likely result would be a crash rather than clean recovery from
an OOM failure.)

The code's been like this all along, so back-patch to all supported
branches.

Daniel Gustafsson

Discussion: https://postgr.es/m/AA8D6FE9-4AB2-41B4-98CB-AE64BA668C03@yesql.se

diff --git a/contrib/pgcrypto/crypt-md5.c b/contrib/pgcrypto/crypt-md5.c
index b6466d3e3178b5697cfe049cd8a47ce072b7c81a..d38721a1010a4fb6ef0a8e304be85a04a061254a 100644 (file)
--- a/contrib/pgcrypto/crypt-md5.c
+++ b/contrib/pgcrypto/crypt-md5.c
@@ -65,11 +65,17 @@ px_crypt_md5(const char *pw, const char *salt, char *passwd, unsigned dstlen)
        /* get the length of the true salt */
        sl = ep - sp;
 
-       /* */
+       /* we need two PX_MD objects */
        err = px_find_digest("md5", &ctx);
        if (err)
                return NULL;
        err = px_find_digest("md5", &ctx1);
+       if (err)
+       {
+               /* this path is possible under low-memory circumstances */
+               px_md_free(ctx);
+               return NULL;
+       }
 
        /* The password first, since that is what is most unknown */
        px_md_update(ctx, (const uint8 *) pw, strlen(pw));