Fix two thinkos related to strong random keys.

pg_backend_random() is used for MD5 salt generation, but it can fail, and
no checks were done on its status code.

Fix memory leak, if generating a random number for a cancel key failed.

Both issues were spotted by Coverity. Fix by Michael Paquier.

src/backend/libpq/auth.c

@@ -715,7 +715,12 @@ CheckMD5Auth(Port *port, char **logdetail)
 				 errmsg("MD5 authentication is not supported when \"db_user_namespace\" is enabled")));
 
 	/* include the salt to use for computing the response */
-	pg_backend_random(md5Salt, 4);
+	if (!pg_backend_random(md5Salt, 4))
+	{
+		ereport(LOG,
+				(errmsg("could not acquire random number for MD5 salt.")));
+		return STATUS_ERROR;
+	}
 
 	sendAuthRequest(port, AUTH_REQ_MD5, md5Salt, 4);
 

src/backend/postmaster/postmaster.c

@@ -3901,6 +3901,7 @@ BackendStartup(Port *port)
 	 */
 	if (!RandomCancelKey(&MyCancelKey))
 	{
+		free(bn);
 		ereport(LOG,
 				(errcode(ERRCODE_OUT_OF_MEMORY),
 				 errmsg("could not acquire random number")));