Skip to content
Snippets Groups Projects
Commit 9a3f5301 authored by Tom Lane's avatar Tom Lane
Browse files

Fix possible buffer overrun and/or unportable behavior in pg_md5_encrypt() 

if salt_len == 0.  This seems to be mostly academic, since nearly all calling
code paths guarantee nonempty salt; the only case that doesn't is
PQencryptPassword where the caller could mistakenly pass an empty username.
So, fix it but don't bother backpatching.  Per ljb.
parent c82fdb69
No related branches found
No related tags found
Hide whitespace changes
Inline Side-by-side
Showing
with 4 additions and 3 deletions
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment