Avoid returning undefined bytes in chkpass_in().
authorTom Lane <tgl@sss.pgh.pa.us>
Sat, 14 Feb 2015 17:20:56 +0000 (12:20 -0500)
committerTom Lane <tgl@sss.pgh.pa.us>
Sat, 14 Feb 2015 17:20:56 +0000 (12:20 -0500)
We can't really fix the problem that the result is defined to depend on
random(), so it is still going to fail the "unstable input conversion"
test in parse_type.c.  However, we can at least satisfy valgrind.  (It
looks like this code used to be valgrind-clean, actually, until somebody
did a careless s/strncpy/strlcpy/g on it.)

In passing, let's just make real sure that chkpass_out doesn't overrun
its output buffer.

No need for backpatch, I think, since this is just to satisfy debugging
tools.

Asif Naeem

contrib/chkpass/chkpass.c

index 283ad9a5388c6c340eb056a7c5a0214015ba1b3e..9425c089b5b7da0a588fb107cd4aca41bf9c0cc2 100644 (file)
@@ -65,7 +65,7 @@ chkpass_in(PG_FUNCTION_ARGS)
        /* special case to let us enter encrypted passwords */
        if (*str == ':')
        {
-               result = (chkpass *) palloc(sizeof(chkpass));
+               result = (chkpass *) palloc0(sizeof(chkpass));
                strlcpy(result->password, str + 1, 13 + 1);
                PG_RETURN_POINTER(result);
        }
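Review bot: The `:` special case stores whatever follows the colon as the hash, and `strlcpy(result->password, str + 1, 13 + 1)` silently truncates anything longer than 13 characters, so an over-long or malformed pre-hashed value is accepted and would most likely never match any password afterwards. Checking the length before the copy would surface this at input time, for example `if (strlen(str + 1) > 13) ereport(ERROR, (errcode(ERRCODE_DATA_EXCEPTION), errmsg("encrypted password is too long")));`. A short comment stating what the literal 13 stands for (presumably the length of the crypt() output this type stores) would also help. chkpass_in's body starts and ends outside the hunk.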
@@ -75,7 +75,7 @@ chkpass_in(PG_FUNCTION_ARGS)
                                (errcode(ERRCODE_DATA_EXCEPTION),
                                 errmsg("password \"%s\" is weak", str)));
 
-       result = (chkpass *) palloc(sizeof(chkpass));
+       result = (chkpass *) palloc0(sizeof(chkpass));
 
        mysalt[0] = salt_chars[random() & 0x3f];
        mysalt[1] = salt_chars[random() & 0x3f];
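Review bot: The `errmsg("password \"%s\" is weak", str)` on the context lines just above the changed allocation puts the rejected plaintext password into the error text, which goes back to the client and, depending on logging settings, may also be written to the server log. Dropping the value keeps the diagnostic without exposing the candidate password: `errmsg("password is weak")`. The ereport call starts above the hunk, so the condition that triggers it is not visible here.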
@@ -107,7 +107,7 @@ chkpass_out(PG_FUNCTION_ARGS)
 
        result = (char *) palloc(16);
        result[0] = ':';
-       strcpy(result + 1, password->password);
+       strlcpy(result + 1, password->password, 15);
 
        PG_RETURN_CSTRING(result);
 }
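Review bot: The `15` passed to strlcpy is correct only because the line above allocates `palloc(16)` and one byte is taken by the leading `:`; nothing ties the two literals together. A comment such as `/* 16 = ':' + at most 14 hash bytes + NUL; the strlcpy bound must stay at size - 1 */`, or a single local constant used for both the allocation and the bound, would keep them from drifting apart if either number is edited later. chkpass_out starts above the hunk.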