Fix memory leaks if random salt generation fails.

In the backend, this is just to silence coverity warnings, but in the frontend, it's a genuine leak, even if extremely rare. Spotted by Coverity, patch by Michael Paquier.
author: Heikki Linnakangas 2017-05-07 16:58:21 +0000
committer: Heikki Linnakangas 2017-05-07 16:58:21 +0000
commit: 0186ded5460c4868db8c5f98ab17287c15fedd7e (patch)
tree: 400d9e03db8e625eb3c4ed5ecb331e2a1f2c8ba4
parent: a54d5875fe0bc19d05236b85e1e1bf0af9fa2902 (diff)
2 files changed, 6 insertions, 0 deletions
diff --git a/src/backend/libpq/auth-scram.c b/src/backend/libpq/auth-scram.c
index 8b3da736b1..3acc2acfe4 100644
--- a/src/backend/libpq/auth-scram.c
+++ b/src/backend/libpq/auth-scram.c
@@ -411,6 +411,8 @@ pg_be_scram_build_verifier(const char *password)
 		ereport(LOG,
 				(errcode(ERRCODE_INTERNAL_ERROR),
 				 errmsg("could not generate random salt")));
+		if (prep_password)
+			pfree(prep_password);
 		return NULL;
 	}
 
diff --git a/src/interfaces/libpq/fe-auth-scram.c b/src/interfaces/libpq/fe-auth-scram.c
index 4598774a96..d8a5bbc712 100644
--- a/src/interfaces/libpq/fe-auth-scram.c
+++ b/src/interfaces/libpq/fe-auth-scram.c
@@ -638,7 +638,11 @@ pg_fe_scram_build_verifier(const char *password)
 
 	/* Generate a random salt */
 	if (!pg_frontend_random(saltbuf, SCRAM_DEFAULT_SALT_LEN))
+	{
+		if (prep_password)
+			free(prep_password);
 		return NULL;
+	}
 
 	result = scram_build_verifier(saltbuf, SCRAM_DEFAULT_SALT_LEN,
 								  SCRAM_DEFAULT_ITERATIONS, password);
author	Heikki Linnakangas	2017-05-07 16:58:21 +0000
committer	Heikki Linnakangas	2017-05-07 16:58:21 +0000
commit	0186ded5460c4868db8c5f98ab17287c15fedd7e (patch)
tree	400d9e03db8e625eb3c4ed5ecb331e2a1f2c8ba4
parent	a54d5875fe0bc19d05236b85e1e1bf0af9fa2902 (diff)