8000 pgcrypto: Check for error return of px_cipher_decrypt() · postgrespro/postgres@22e1943 · GitHub
[go: up one dir, main page]
Skip to content

    • Commit 22e1943

    Browse files
    peterepetere
    committed
    pgcrypto: Check for error return of px_cipher_decrypt()
    This has previously not been a problem (that anyone ever reported), but in future OpenSSL versions (3.0.0), where legacy ciphers are/can be disabled, this is the place where this is reported. So we need to catch the error here, otherwise the higher-level functions would return garbage. The nearby encryption code already handled errors similarly. Reviewed-by: Daniel Gustafsson <daniel@yesql.se> Discussion: https://www.postgresql.org/message-id/9e9c431c-0adc-7a6d-9b1a-915de1ba3fe7@enterprisedb.com
    1 parent a6715af commit 22e1943

    File tree

    1 file changed

    +4
    -1
    lines changed
    • contrib/pgcrypto

    1 file changed

    +4
    -1
    lines changed

    contrib/pgcrypto/px.c

    Lines changed: 4 additions & 1 deletion
    Original file line numberDiff line numberDiff line change
    @@ -292,6 +292,7 @@ static int
    292292
    combo_decrypt(PX_Combo *cx, const uint8 *data, unsigned dlen,
    293293
    uint8 *res, unsigned *rlen)
    294294
    {
    295+
    int err = 0;
    295296
    unsigned bs,
    296297
    i,
    297298
    pad;
    @@ -317,7 +318,9 @@ combo_decrypt(PX_Combo *cx, const uint8 *data, unsigned dlen,
    317318

    318319
    /* decrypt */
    319320
    *rlen = dlen;
    320-
    px_cipher_decrypt(c, data, dlen, res);
    321+
    err = px_cipher_decrypt(c, data, dlen, res);
    322+
    if (err)
    323+
    return err;
    321324

    322325
    /* unpad */
    323326
    if (bs > 1 && cx->padding)

    0 commit comments

    Comments
     (0)
    0