Fix error handling of pg_b64_decode()

Fix for commit 761c79508e7.  The previous error handling logic was not
quite correct.

Discussion: https://www.postgresql.org/message-id/flat/CAEudQAq-3yHsSdWoOOaw%2BgAQYgPMpMGuB5pt2yCXgv-YuxG2Hg%40mail.gmail.com

diff --git a/src/interfaces/libpq/fe-connect.c b/src/interfaces/libpq/fe-connect.c
index c7943d549e88462a2d60d05d8c6dcf3061103895..7878e2e33afe0a9123ef69ca25a472446fe65848 100644 (file)
--- a/src/interfaces/libpq/fe-connect.c
+++ b/src/interfaces/libpq/fe-connect.c
@@ -1805,18 +1805,24 @@ pqConnectOptions2(PGconn *conn)
                int                     len;
 
                len = pg_b64_dec_len(strlen(conn->scram_client_key));
-               /* Consider the zero-terminator */
-               if (len != SCRAM_MAX_KEY_LEN + 1)
+               conn->scram_client_key_binary = malloc(len);
+               if (!conn->scram_client_key_binary)
+                       goto oom_error;
+               len = pg_b64_decode(conn->scram_client_key, strlen(conn->scram_client_key),
+                                                       conn->scram_client_key_binary, len);
+               if (len < 0)
+               {
+                       libpq_append_conn_error(conn, "invalid SCRAM client key");
+                       free(conn->scram_client_key_binary);
+                       return false;
+               }
+               if (len != SCRAM_MAX_KEY_LEN)
                {
                        libpq_append_conn_error(conn, "invalid SCRAM client key length: %d", len);
+                       free(conn->scram_client_key_binary);
                        return false;
                }
                conn->scram_client_key_len = len;
-               conn->scram_client_key_binary = malloc(len);
-               if (!conn->scram_client_key_binary)
-                       goto oom_error;
-               pg_b64_decode(conn->scram_client_key, strlen(conn->scram_client_key),
-                                         conn->scram_client_key_binary, len);
        }
 
        if (conn->scram_server_key)
@@ -1824,18 +1830,24 @@ pqConnectOptions2(PGconn *conn)
                int                     len;
 
                len = pg_b64_dec_len(strlen(conn->scram_server_key));
-               /* Consider the zero-terminator */
-               if (len != SCRAM_MAX_KEY_LEN + 1)
+               conn->scram_server_key_binary = malloc(len);
+               if (!conn->scram_server_key_binary)
+                       goto oom_error;
+               len = pg_b64_decode(conn->scram_server_key, strlen(conn->scram_server_key),
+                                                       conn->scram_server_key_binary, len);
+               if (len < 0)
+               {
+                       libpq_append_conn_error(conn, "invalid SCRAM server key");
+                       free(conn->scram_server_key_binary);
+                       return false;
+               }
+               if (len != SCRAM_MAX_KEY_LEN)
                {
                        libpq_append_conn_error(conn, "invalid SCRAM server key length: %d", len);
+                       free(conn->scram_server_key_binary);
                        return false;
                }
                conn->scram_server_key_len = len;
-               conn->scram_server_key_binary = malloc(len);
-               if (!conn->scram_server_key_binary)
-                       goto oom_error;
-               pg_b64_decode(conn->scram_server_key, strlen(conn->scram_server_key),
-                                         conn->scram_server_key_binary, len);
        }
 
        /*