Force crypt() salt to be null-terminated.

b5453fae · Bruce Momjian · da45a0bd · b5453fae · b5453fae
Commit b5453fae authored Aug 17, 2001 by Bruce Momjian
Show whitespace changes
Inline Side-by-side

Showing with 14 additions and 5 deletions

src/backend/libpq/crypt.c src/backend/libpq/crypt.c +7 -3

src/interfaces/libpq/fe-auth.c src/interfaces/libpq/fe-auth.c +7 -2

No files found.
--- a/src/backend/libpq/crypt.c
+++ b/src/backend/libpq/crypt.c
@@ -9,7 +9,7 @@
 * Dec 17, 1997 - Todd A. Brandys
 *	Orignal Version Completed.
 *
- * $Id: crypt.c,v 1.35 2001/08/17 02:59:19 momjian Exp $
+ * $Id: crypt.c,v 1.36 2001/08/17 03:09:31 momjian Exp $
 *
 *-------------------------------------------------------------------------
 */
@@ -295,8 +295,12 @@ md5_crypt_verify(const Port *port, const char *user, const char *pgpass)
 	switch (port->auth_method)
 	{
 		case uaCrypt:
-			crypt_pwd = crypt(passwd, port->cryptSalt);
+		{
+			char salt[3];
+			StrNCpy(salt, port->cryptSalt,3);
+			crypt_pwd = crypt(passwd, salt);
 			break;
+		}
 		case uaMD5:
 			crypt_pwd = palloc(MD5_PASSWD_LEN+1);
 			if (isMD5(passwd))

--- a/src/interfaces/libpq/fe-auth.c
+++ b/src/interfaces/libpq/fe-auth.c
@@ -10,7 +10,7 @@
 * exceed INITIAL_EXPBUFFER_SIZE (currently 256 bytes).
 *
 * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/interfaces/libpq/fe-auth.c,v 1.51 2001/08/17 02:59:19 momjian Exp $
+ *	  $Header: /cvsroot/pgsql/src/interfaces/libpq/fe-auth.c,v 1.52 2001/08/17 03:09:31 momjian Exp $
 *
 *-------------------------------------------------------------------------
 */
@@ -443,8 +443,13 @@ pg_password_sendauth(PGconn *conn, const char *password, AuthRequest areq)
 	switch (areq)
 	{
 		case AUTH_REQ_CRYPT:
-			crypt_pwd = crypt(password, conn->cryptSalt);
+		{
+			char salt[3];
+			StrNCpy(salt, conn->cryptSalt,3);
+			crypt_pwd = crypt(password, salt);
 			break;
+		}
 		case AUTH_REQ_MD5:
 			{
 				char *crypt_pwd2;