Force crypt() salt to be null-terminated.

2025-11-03 09:13:20 +03:00 · 2001-08-17 03:09:31 +00:00
parent da45a0bdb7
commit b5453fae74
2 changed files with 14 additions and 5 deletions
--- a/src/backend/libpq/crypt.c
+++ b/src/backend/libpq/crypt.c
@@ -9,7 +9,7 @@
 * Dec 17, 1997 - Todd A. Brandys
 *	Orignal Version Completed.
 *
- * $Id: crypt.c,v 1.35 2001/08/17 02:59:19 momjian Exp $
+ * $Id: crypt.c,v 1.36 2001/08/17 03:09:31 momjian Exp $
 *
 *-------------------------------------------------------------------------
 */
@@ -295,8 +295,12 @@ md5_crypt_verify(const Port *port, const char *user, const char *pgpass)
 	switch (port->auth_method)
 	{
 		case uaCrypt:
-			crypt_pwd = crypt(passwd, port->cryptSalt);
+		{
 			char salt[3];
 			StrNCpy(salt, port->cryptSalt,3);
 			crypt_pwd = crypt(passwd, salt);
 			break;
 		}
 		case uaMD5:
 			crypt_pwd = palloc(MD5_PASSWD_LEN+1);
 			if (isMD5(passwd))
--- a/src/interfaces/libpq/fe-auth.c
+++ b/src/interfaces/libpq/fe-auth.c
@@ -10,7 +10,7 @@
 * exceed INITIAL_EXPBUFFER_SIZE (currently 256 bytes).
 *
 * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/interfaces/libpq/fe-auth.c,v 1.51 2001/08/17 02:59:19 momjian Exp $
+ *	  $Header: /cvsroot/pgsql/src/interfaces/libpq/fe-auth.c,v 1.52 2001/08/17 03:09:31 momjian Exp $
 *
 *-------------------------------------------------------------------------
 */
@@ -443,8 +443,13 @@ pg_password_sendauth(PGconn *conn, const char *password, AuthRequest areq)
 	switch (areq)
 	{
 		case AUTH_REQ_CRYPT:
-			crypt_pwd = crypt(password, conn->cryptSalt);
+		{
 			char salt[3];
 			StrNCpy(salt, conn->cryptSalt,3);
 			crypt_pwd = crypt(password, salt);
 			break;
 		}
 		case AUTH_REQ_MD5:
 			{
 				char *crypt_pwd2;