Clean up some SCRAM attribute processing

Correct the comment for read_any_attr().  Give a clearer error message
when parsing at the end of the string, when the client-final-message
does not contain a "p" attribute (for some reason).

Reviewed-by: Michael Paquier <michael@paquier.xyz>
Discussion: https://www.postgresql.org/message-id/flat/2fb8a15b-de35-682d-a77b-edcc9c52fa12%402ndquadrant.com

diff --git a/src/backend/libpq/auth-scram.c b/src/backend/libpq/auth-scram.c
index aa918839fb9f1f8ed2d7245a0c376d46761553fe..68792cb45e77b4e370af239ae291d887fe72ce17 100644 (file)
--- a/src/backend/libpq/auth-scram.c
+++ b/src/backend/libpq/auth-scram.c
@@ -790,7 +790,8 @@ sanitize_str(const char *s)
 /*
  * Read the next attribute and value in a SCRAM exchange message.
  *
- * Returns NULL if there is attribute.
+ * The attribute character is set in *attr_p, the attribute value is the
+ * return value.
  */
 static char *
 read_any_attr(char **input, char *attr_p)
@@ -799,6 +800,12 @@ read_any_attr(char **input, char *attr_p)
    char       *end;
    char        attr = *begin;
 
+   if (attr == '\0')
+       ereport(ERROR,
+               (errcode(ERRCODE_PROTOCOL_VIOLATION),
+                errmsg("malformed SCRAM message"),
+                errdetail("Attribute expected, but found end of string.")));
+
    /*------
     * attr-val        = ALPHA "=" value
     *                   ;; Generic syntax of any attribute sent
@@ -1298,7 +1305,7 @@ read_client_final_message(scram_state *state, const char *input)
 
    state->client_final_nonce = read_attr_value(&p, 'r');
 
-   /* ignore optional extensions */
+   /* ignore optional extensions, read until we find "p" attribute */
    do
    {
        proof = p - 1;