pgcrypto: Check for error return of px_cipher_decrypt()

This has previously not been a problem (that anyone ever reported),
but in future OpenSSL versions (3.0.0), where legacy ciphers are/can
be disabled, this is the place where this is reported.  So we need to
catch the error here, otherwise the higher-level functions would
return garbage.  The nearby encryption code already handled errors
similarly.

Author: Peter Eisentraut <peter@eisentraut.org>
Reviewed-by: Daniel Gustafsson <daniel@yesql.se>
Discussion: https://www.postgresql.org/message-id/9e9c431c-0adc-7a6d-9b1a-915de1ba3fe7@enterprisedb.com
Backpatch-through: 9.6

diff --git a/contrib/pgcrypto/px.c b/contrib/pgcrypto/px.c
index 0f02fb56c4fb9974a9d99d5395e70a52d4b9f377..2c6704e257779cec8949898ccf299250e3cd7f7a 100644 (file)
--- a/contrib/pgcrypto/px.c
+++ b/contrib/pgcrypto/px.c
@@ -292,6 +292,7 @@ static int
 combo_decrypt(PX_Combo *cx, const uint8 *data, unsigned dlen,
                          uint8 *res, unsigned *rlen)
 {
+       int                     err = 0;
        unsigned        bs,
                                i,
                                pad;
@@ -317,7 +318,9 @@ combo_decrypt(PX_Combo *cx, const uint8 *data, unsigned dlen,
 
        /* decrypt */
        *rlen = dlen;
-       px_cipher_decrypt(c, data, dlen, res);
+       err = px_cipher_decrypt(c, data, dlen, res);
+       if (err)
+               return err;
 
        /* unpad */
        if (bs > 1 && cx->padding)