Fix detection of passwords hashed with MD5

This commit fixes an issue related to the way password verifiers hashed with MD5 are detected, leading to possibly detect that plain passwords are legit MD5 hashes. A MD5-hashed entry was checked based on if its header uses "md5" and if the string length matches what is expected. Unfortunately the code never checked if the hash only used hexadecimal characters after the three-character prefix. Fix 9.6 down to 9.4, where this code is present. This area of the code has changed in 10 and upwards with the introduction of SCRAM, which led to a different fix committed as of ccae190b. Reported-by: Tom Lane Author: Michael Paquier Reviewed-by: Jonathan Katz Discussion: https://postgr.es/m/016deb6b-1f0a-8e9f-1833-a8675b170aa9@postgresql.org Backpatch-through: 9.4

Fix detection of passwords hashed with MD5
a82c06f4 · Michael Paquier · c0bafc5e · a82c06f4
Commit a82c06f4 authored 6 years ago by Michael Paquier
--- a/src/include/libpq/md5.h
+++ b/src/include/libpq/md5.h
@@ -16,10 +16,12 @@
 #ifndef PG_MD5_H
 #define PG_MD5_H

+#define MD5_PASSWD_CHARSET "0123456789abcdef"
 #define MD5_PASSWD_LEN	35

 #define isMD5(passwd)	(strncmp(passwd, "md5", 3) == 0 && \
-						 strlen(passwd) == MD5_PASSWD_LEN)
+						 strlen(passwd) == MD5_PASSWD_LEN && \
+						 strspn(passwd + 3, MD5_PASSWD_CHARSET) == MD5_PASSWD_LEN - 3)


 extern bool pg_md5_hash(const void *buff, size_t len, char *hexsum);