From b5453fae742c5130086989b51498a201ef2ee086 Mon Sep 17 00:00:00 2001 From: Bruce Momjian Date: Fri, 17 Aug 2001 03:09:31 +0000 Subject: [PATCH] Force crypt() salt to be null-terminated. --- src/backend/libpq/crypt.c | 10 +++++++--- src/interfaces/libpq/fe-auth.c | 9 +++++++-- 2 files changed, 14 insertions(+), 5 deletions(-) diff --git a/src/backend/libpq/crypt.c b/src/backend/libpq/crypt.c index f82e44ccb2..5a54bde4b6 100644 --- a/src/backend/libpq/crypt.c +++ b/src/backend/libpq/crypt.c @@ -9,7 +9,7 @@ * Dec 17, 1997 - Todd A. Brandys * Orignal Version Completed. * - * $Id: crypt.c,v 1.35 2001/08/17 02:59:19 momjian Exp $ + * $Id: crypt.c,v 1.36 2001/08/17 03:09:31 momjian Exp $ * *------------------------------------------------------------------------- */ @@ -281,7 +281,7 @@ md5_crypt_verify(const Port *port, const char *user, const char *pgpass) if (isMD5(passwd) && port->auth_method != uaMD5) { snprintf(PQerrormsg, PQERRORMSG_LENGTH, - "Password is stored MD5 encrypted. " + "Password is stored MD5 encrypted. " "Only pg_hba.conf's MD5 protocol can be used for this user.\n"); fputs(PQerrormsg, stderr); pqdebug("%s", PQerrormsg); @@ -295,8 +295,12 @@ md5_crypt_verify(const Port *port, const char *user, const char *pgpass) switch (port->auth_method) { case uaCrypt: - crypt_pwd = crypt(passwd, port->cryptSalt); + { + char salt[3]; + StrNCpy(salt, port->cryptSalt,3); + crypt_pwd = crypt(passwd, salt); break; + } case uaMD5: crypt_pwd = palloc(MD5_PASSWD_LEN+1); if (isMD5(passwd)) diff --git a/src/interfaces/libpq/fe-auth.c b/src/interfaces/libpq/fe-auth.c index 4e4a8f6d93..8da5e453d8 100644 --- a/src/interfaces/libpq/fe-auth.c +++ b/src/interfaces/libpq/fe-auth.c 
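Review bot: The result of `crypt(passwd, salt)` in the `uaCrypt` case is stored in `crypt_pwd` with no NULL check, although crypt() may return NULL on error, and some implementations do so when the salt holds characters outside their accepted alphabet. The code that consumes `crypt_pwd` sits after the switch, outside this hunk, so it should be confirmed to tolerate NULL. Otherwise add `if (crypt_pwd == NULL)` directly after the call and take the function's existing authentication-failure path. The same applies to `crypt(password, salt)` in the `AUTH_REQ_CRYPT` hunk of fe-auth.c, where the salt bytes presumably arrive from the server and are not under the client's control.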
@@ -10,7 +10,7 @@ * exceed INITIAL_EXPBUFFER_SIZE (currently 256 bytes). * * IDENTIFICATION - * $Header: /cvsroot/pgsql/src/interfaces/libpq/fe-auth.c,v 1.51 2001/08/17 02:59:19 momjian Exp $ + * $Header: /cvsroot/pgsql/src/interfaces/libpq/fe-auth.c,v 1.52 2001/08/17 03:09:31 momjian Exp $ * *------------------------------------------------------------------------- */ @@ -443,8 +443,13 @@ pg_password_sendauth(PGconn *conn, const char *password, AuthRequest areq) switch (areq) { case AUTH_REQ_CRYPT: - crypt_pwd = crypt(password, conn->cryptSalt); + { + char salt[3]; + + StrNCpy(salt, conn->cryptSalt,3); + crypt_pwd = crypt(password, salt); break; + } case AUTH_REQ_MD5: { char *crypt_pwd2;
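Review bot: `StrNCpy(salt, conn->cryptSalt,3);` repeats the buffer size as a bare literal and has no comment explaining why the salt is copied, so a later change to `char salt[3]` could silently fall out of step with the copy length. I would write `StrNCpy(salt, conn->cryptSalt, sizeof(salt));` and put `/* crypt() needs a NUL-terminated salt; cryptSalt is presumably a bare 2-byte field */` above the declaration (the field's definition is not visible here, so confirm its size). The `uaCrypt` hunk in crypt.c has the same literal and would benefit from the same two changes. The enclosing switch continues past the end of this hunk.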