Re: [HACKERS] Oops in fe-auth.c

Magnus Hagander <magnus@hagander.net> writes:
> Actually coding up a patch for that was just a bunch of simple
> search/replace ops. Attached is one that appears to work fine for me.

> Was there any reason why this wasn't done before, or just nobody had the
> time? If there was a reason, please let me know what it was :-)

AFAIR nobody got round to it because it hadn't seemed important.

> (Question about backpatch remains)

I'd vote against backpatching.  The appropriate fix for back branches
is probably just to reduce the strncpy and snprintf arguments to
INITIAL_EXPBUFFER_SIZE, ie, make the code do what that header comment
says it should do.

Style point: in the places where you've chosen to pass the whole PGconn,
you should remove any separate arguments that are actually just PGconn
fields; eg for pg_krb5_sendauth it looks like sock and servicename are
now redundant.  Otherwise there are risks of programmer confusion, and
maybe even wrong code generation, due to aliasing.

It would be more consistent to pass PGconn around to all of these
functions instead of trying to have them have just partial views of it,
but I dunno if you want to engage in purely cosmetic changes.

            regards, tom lane