Re: Increase psql's password buffer size

On Mon, Jan 20, 2020 at 07:44:25PM +0100, David Fetter wrote:
> On Mon, Jan 20, 2020 at 01:12:35PM -0500, Tom Lane wrote:
> > David Fetter <david@fetter.org> writes:
> > > At least two cloud providers are now stuffing large amounts of
> > > information into the password field. This change makes it possible to
> > > accommodate that usage in interactive sessions.
> > 
> > Like who?
> 
> AWS and Azure are two examples I know of.
> 
> > It seems like a completely silly idea.  And if 2K is sane, why not
> > much more?
> 
> Good question. Does it make sense to rearrange these things so they're
> allocated at runtime instead of compile time?
> 
> > (I can't say that s/100/2048/ in one place is a particularly evil
> > change; what bothers me is the likelihood that there are other
> > places that won't cope with arbitrarily long passwords.  Not all of
> > them are necessarily under our control, either.)
> 
> I found one that is, so please find attached the next revision of the
> patch.

I found another place that assumes 100 bytes and upped it to 2048.

Best,
David.
-- 
David Fetter <david(at)fetter(dot)org> http://fetter.org/
Phone: +1 415 235 3778

Remember to vote!
Consider donating to Postgres: http://www.postgresql.org/about/donate