From 149d13de745beb5a29dcd1daa3f39e8819a4a4e5 Mon Sep 17 00:00:00 2001 From: Bruce Momjian Date: Thu, 8 Nov 2001 15:56:58 +0000 Subject: [PATCH] When given oversized key, encrypt/decrypt corrupted memory. This fixes it. Also a free() was missing. marko --- contrib/pgcrypto/px.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/contrib/pgcrypto/px.c b/contrib/pgcrypto/px.c index 20550bf100..15d8f5daf7 100644 --- a/contrib/pgcrypto/px.c +++ b/contrib/pgcrypto/px.c @@ -26,7 +26,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: px.c,v 1.3 2001/10/25 05:49:20 momjian Exp $ + * $Id: px.c,v 1.4 2001/11/08 15:56:58 momjian Exp $ */ #include @@ -88,6 +88,8 @@ combo_init(PX_Combo * cx, const uint8 *key, uint klen, memcpy(ivbuf, iv, ivlen); } + if (klen > ks) + klen = ks; keybuf = px_alloc(ks); memset(keybuf, 0, ks); memcpy(keybuf, key, klen); @@ -96,6 +98,7 @@ combo_init(PX_Combo * cx, const uint8 *key, uint klen, if (ivbuf) px_free(ivbuf); + px_free(keybuf); return err; } -- 2.40.0