Fix possible buffer overrun and/or unportable behavior in pg_md5_encrypt()

Tom Lane <tgl@sss.pgh.pa.us>

Commit: 9a3f5301ff0e4721e560eea698702c690f8d70db
Author: Tom Lane <tgl@sss.pgh.pa.us>
Date: 2009-09-15T02:31:15Z
Releases: 9.0.0
Fix possible buffer overrun and/or unportable behavior in pg_md5_encrypt()
if salt_len == 0.  This seems to be mostly academic, since nearly all calling
code paths guarantee nonempty salt; the only case that doesn't is
PQencryptPassword where the caller could mistakenly pass an empty username.
So, fix it but don't bother backpatching.  Per ljb.

Files

PathChange+/−
src/backend/libpq/md5.c modified +4 −3