When given oversized key, encrypt/decrypt corrupted
memory. This fixes it. Also a free() was missing.
--
marko
Index: contrib/pgcrypto/px.c
===================================================================
RCS file: /opt/cvs/pgsql/pgsql/contrib/pgcrypto/px.c,v
retrieving revision 1.3
diff -u -r1.3 px.c
--- contrib/pgcrypto/px.c 25 Oct 2001 05:49:20 -0000 1.3
+++ contrib/pgcrypto/px.c 7 Nov 2001 22:33:44 -0000
@@ -88,6 +88,8 @@
memcpy(ivbuf, iv, ivlen);
}
+ if (klen > ks)
+ klen = ks;
keybuf = px_alloc(ks);
memset(keybuf, 0, ks);
memcpy(keybuf, key, klen);
@@ -96,6 +98,7 @@
if (ivbuf)
px_free(ivbuf);
+ px_free(keybuf);
return err;
}