In contrib/pgcrypto/pgcrypto.c :
err = px_combo_init(c, (uint8 *) VARDATA_ANY(key), klen, NULL, 0);
Note: NULL is passed as iv.
When combo_init() is called,
if (ivlen > ivs)
memcpy(ivbuf, iv, ivs);
else
memcpy(ivbuf, iv, ivlen);
It seems we need to consider the case of null being passed as iv for memcpy() because of this:
/usr/include/string.h:44:28: note: nonnull attribute specified here
What do you think of the following patch ?
Cheers