Re: Oops in fe-auth.c
| От | Magnus Hagander |
|---|---|
| Тема | Re: Oops in fe-auth.c |
| Дата | |
| Msg-id | 46A4E5B8.7050409@hagander.net обсуждение исходный текст |
| Ответ на | Re: Oops in fe-auth.c (Tom Lane <tgl@sss.pgh.pa.us>) |
| Список | pgsql-hackers |
Tom Lane wrote: > Magnus Hagander <magnus@hagander.net> writes: >>> I never actually tested if it crashes on mingw, but looking some more at it >>> it really should - once one of these errors happen. > >> Hm. Much easier than that - the code is new in HEAD. 8.2 did >> fprintf(stderr). And HEAD still does that in at least one case. > >> Anyway, I'll go ahead with the patch I wrote since it does Seem Nicer to >> actually use the PQexpbuffer code there, and the patch was rather >> trivial, but it's certainly not something to backpatch then... > > It does look like there is a risk in 8.2 and before, though: > the fe-auth.c code has a lot of snprintf's with PQERRORMSG_LENGTH, > which should all be INITIAL_EXPBUFFER_SIZE according to that header > comment. snprintf typically doesn't write more than it has to, > but if there ever were a message exceeding INITIAL_EXPBUFFER_SIZE > we'd be at risk of a memory clobber. So that should be changed > as far back as it does that. Do you want to take care of it? > I can if you don't want to. Oh, didn't realize that one. I can take a look at that as well, once I'm done with this one. Seems easy enough - I'll leave you to focus on the more difficult stuff :-) //Magnus
В списке pgsql-hackers по дате отправления: