From 41493bac36575c93172644d0eab7045aed8dcc17 Mon Sep 17 00:00:00 2001 From: Heikki Linnakangas Date: Mon, 12 Dec 2016 09:58:32 +0200 Subject: [PATCH] Fix two thinkos related to strong random keys. pg_backend_random() is used for MD5 salt generation, but it can fail, and no checks were done on its status code. Fix memory leak, if generating a random number for a cancel key failed. Both issues were spotted by Coverity. Fix by Michael Paquier. --- src/backend/libpq/auth.c | 7 ++++++- src/backend/postmaster/postmaster.c | 1 + 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/src/backend/libpq/auth.c b/src/backend/libpq/auth.c index f8bffe37dd..2b1841fb9b 100644 --- a/src/backend/libpq/auth.c +++ b/src/backend/libpq/auth.c @@ -715,7 +715,12 @@ CheckMD5Auth(Port *port, char **logdetail) errmsg("MD5 authentication is not supported when \"db_user_namespace\" is enabled"))); /* include the salt to use for computing the response */ - pg_backend_random(md5Salt, 4); + if (!pg_backend_random(md5Salt, 4)) + { + ereport(LOG, + (errmsg("could not acquire random number for MD5 salt."))); + return STATUS_ERROR; + } sendAuthRequest(port, AUTH_REQ_MD5, md5Salt, 4); diff --git a/src/backend/postmaster/postmaster.c b/src/backend/postmaster/postmaster.c index 59073e0354..09884b3132 100644 --- a/src/backend/postmaster/postmaster.c +++ b/src/backend/postmaster/postmaster.c @@ -3901,6 +3901,7 @@ BackendStartup(Port *port) */ if (!RandomCancelKey(&MyCancelKey)) { + free(bn); ereport(LOG, (errcode(ERRCODE_OUT_OF_MEMORY), errmsg("could not acquire random number")));