database/postgres
database/postgres
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2025-05-02 11:44:50 +03:00
Code

pgcrypto: Check for error return of px_cipher_decrypt()

Browse Source 
This has previously not been a problem (that anyone ever reported),
but in future OpenSSL versions (3.0.0), where legacy ciphers are/can
be disabled, this is the place where this is reported.  So we need to
catch the error here, otherwise the higher-level functions would
return garbage.  The nearby encryption code already handled errors
similarly.

Author: Peter Eisentraut <peter@eisentraut.org>
Reviewed-by: Daniel Gustafsson <daniel@yesql.se>
Discussion: https://www.postgresql.org/message-id/9e9c431c-0adc-7a6d-9b1a-915de1ba3fe7@enterprisedb.com
Backpatch-through: 9.6
This commit is contained in:
Daniel Gustafsson 2021-09-25 11:25:48 +02:00
parent 52f8575a9e
commit a69e1506f6
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
contrib/pgcrypto/px.c
View File

@ -292,6 +292,7 @@ static int
combo_decrypt(PX_Combo *cx, const uint8 *data, unsigned dlen, combo_decrypt(PX_Combo *cx, const uint8 *data, unsigned dlen,
uint8 *res, unsigned *rlen) uint8 *res, unsigned *rlen)
{ {
int err = 0;
unsigned bs, unsigned bs,
i, i,
pad; pad;
@ -317,7 +318,9 @@ combo_decrypt(PX_Combo *cx, const uint8 *data, unsigned dlen,
/* decrypt */ /* decrypt */
*rlen = dlen; *rlen = dlen;
px_cipher_decrypt(c, data, dlen, res); err = px_cipher_decrypt(c, data, dlen, res);
if (err)
return err;
/* unpad */ /* unpad */
if (bs > 1 && cx->padding) if (bs > 1 && cx->padding)