From: Bruce Momjian <bruce@momjian.us>
Date: Sat, 1 Feb 2014 01:19:53 +0000 (-0500)
Subject: chkpass:  check for NULL return value from crypt()
X-Git-Tag: REL9_4_BETA1~559
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=6afe200ceea818c82e3a1a754c5043e7df1efa10;p=postgresql

chkpass:  check for NULL return value from crypt()

Report from Jozef Mlich using Coverity
---

diff --git a/contrib/chkpass/chkpass.c b/contrib/chkpass/chkpass.c
index 0c9fec0e67..dc66075f98 100644
--- a/contrib/chkpass/chkpass.c
+++ b/contrib/chkpass/chkpass.c
@@ -70,6 +70,7 @@ chkpass_in(PG_FUNCTION_ARGS)
 	char	   *str = PG_GETARG_CSTRING(0);
 	chkpass    *result;
 	char		mysalt[4];
+	char	   *crypt_output;
 	static char salt_chars[] =
 	"./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
 
@@ -92,7 +93,13 @@ chkpass_in(PG_FUNCTION_ARGS)
 	mysalt[1] = salt_chars[random() & 0x3f];
 	mysalt[2] = 0;				/* technically the terminator is not necessary
 								 * but I like to play safe */
-	strcpy(result->password, crypt(str, mysalt));
+
+	if ((crypt_output = crypt(str, mysalt)) == NULL)
+		ereport(ERROR,
+				(errcode(ERRCODE_INVALID_PARAMETER_VALUE),
+				 errmsg("crypt() failed")));
+	strcpy(result->password, crypt_output);
+
 	PG_RETURN_POINTER(result);
 }