When given oversized key, encrypt/decrypt corrupted

memory.  This fixes it.  Also a free() was missing.

marko

diff --git a/contrib/pgcrypto/px.c b/contrib/pgcrypto/px.c
index 20550bf10037b50c36b310c5f10e041ee54ce993..15d8f5daf7bcbf4418f2f83b43e64ad2b84a0b8e 100644 (file)
--- a/contrib/pgcrypto/px.c
+++ b/contrib/pgcrypto/px.c
@@ -26,7 +26,7 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  *
- * $Id: px.c,v 1.3 2001/10/25 05:49:20 momjian Exp $
+ * $Id: px.c,v 1.4 2001/11/08 15:56:58 momjian Exp $
  */
 
 #include <postgres.h>
@@ -88,6 +88,8 @@ combo_init(PX_Combo * cx, const uint8 *key, uint klen,
                        memcpy(ivbuf, iv, ivlen);
        }
 
+       if (klen > ks)
+               klen = ks;
        keybuf = px_alloc(ks);
        memset(keybuf, 0, ks);
        memcpy(keybuf, key, klen);
@@ -96,6 +98,7 @@ combo_init(PX_Combo * cx, const uint8 *key, uint klen,
 
        if (ivbuf)
                px_free(ivbuf);
+       px_free(keybuf);
 
        return err;
 }