Re: fix for palloc() of user-supplied length
От | Neil Conway |
---|---|
Тема | Re: fix for palloc() of user-supplied length |
Дата | |
Msg-id | 87sn0zy549.fsf@mailbox.samurai.com обсуждение исходный текст |
Ответ на | Re: fix for palloc() of user-supplied length (Bruce Momjian <pgman@candle.pha.pa.us>) |
Ответы |
Re: fix for palloc() of user-supplied length
Re: fix for palloc() of user-supplied length |
Список | pgsql-patches |
Serguei Mokhov <mokhov@cs.concordia.ca> writes: > + if (len < 1 || len > 8192) > + { > + elog(LOG, "Password packet length too long: %d", len); > ^^^^^^^^ > Shouldn't it be changed to 'too long || too long' then? ;) Woops, sorry for being careless. Changed the wording to refer to 'invalid' rather than 'too long' or 'too short'. > And also for the message to be more descriptive for the innocent, I'd included > the current boundaries in it (like: "expected: 1 <= len <= 8192") Also fixed, although I'm not sure it's worth worrying about. > (a question: isn't hardcoding an evil?) Yes, probably -- as the comment notes, it is just an arbitrary limitation. But given that (a) it is extremely unlikely to ever be encountered in a real-life situation (b) the limits it imposes are very lax (c) it is temporary code that will be ripped out shortly, I'm not too concerned... Thanks for taking a look at the code, BTW. Cheers, Neil -- Neil Conway <neilc@samurai.com> || PGP Key ID: DB3C29FC
Вложения
В списке pgsql-patches по дате отправления: