* From: Christian Ullrich
> * From: Robbie Harwood [mailto:rharwood@redhat.com]
>
> > Christian Ullrich <chris@chrullrich.net> writes:
> > > + /* Replace domainname with realm name. */
> > > + if (upnamerealmsize > domainnamesize)
> > > + {
> > > + pfree(upname);
> > > + ereport(LOG,
> > > + (errcode(ERRCODE_INVALID_ROLE_SPECIFICATION),
> > > + errmsg("realm name too long")));
> > > + return STATUS_ERROR;
> > > + }
> > > +
> > > + /* Length is now safe. */
> > > + strcpy(domainname, p+1);
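Review bot: the bound "if (upnamerealmsize > domainnamesize)" is only sufficient if the two sizes are defined so that the terminating NUL is already accounted for, and how they are computed is outside this hunk, so that is worth confirming. If domainnamesize is sizeof(domainname) and upnamerealmsize is the realm's string length, a realm of exactly domainnamesize characters passes the check and strcpy writes one byte past the end of the buffer; ">=" (or comparing upnamerealmsize + 1) closes that. The check and the copy also reference different things (upnamerealmsize versus p+1), so it would help to compute the length from the pointer that is actually copied, or to replace "/* Length is now safe. */" plus strcpy with a bounded copy such as strlcpy so the invariant is enforced at the copy instead of assumed.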
> >
> > Is this an actual fail state or something born out of convenience? A
> > naive reading of this code doesn't explain why it's forbidden for the
> > upn realm to be longer than the domain name.
>
> Because it's copied *into* domainname right there on the last line.
>
> That said, sizeof(domainname) is MAXPGPATH, which is 1024, so there is
> absolutely no chance that the realm could be longer -- it would need an
> AD forest at least 16 domains deep.
Oh, sorry, I misunderstood the question. Yes, it's due to convenience, but
a) it *is* rather convenient given the plentiful buffer I get, and
b) doing it differently involves char** inout parameters and potential
trouble with pointer aliasing in the caller, both things I'd rather avoid.
--
Christian
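The exchange above is about copying the realm part of a UPN into a fixed-size buffer and rejecting it when it does not fit. The following is an added example, not the patch's code and not PostgreSQL's: it generalizes the check to a bounded copy that counts the terminating NUL, so that a realm exactly as long as the buffer is rejected rather than written one byte past the end. DOMAIN_BUF, copy_realm, realm_status and realm_equals are names chosen here for illustration; the discussion says the real buffer is MAXPGPATH (1024), and the size is kept small only so the boundary is easy to exercise.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Illustrative buffer size (assumption for this example). The thread says
 * the real domainname buffer is MAXPGPATH, i.e. 1024 bytes. */
#define DOMAIN_BUF 16

/*
 * Copy the realm part of "user@REALM" into domainname (dsize bytes).
 * Returns 0 on success, -1 if upn has no '@', -2 if the realm does not fit
 * once its terminating NUL is counted.
 */
int copy_realm(const char *upn, char *domainname, size_t dsize)
{
    const char *p = strchr(upn, '@');
    size_t realmlen;

    if (p == NULL)
        return -1;

    realmlen = strlen(p + 1);

    /* ">=" rather than ">": a realm of exactly dsize characters needs
     * dsize + 1 bytes including the NUL, so it must be rejected too. */
    if (realmlen >= dsize)
        return -2;

    /* Length is checked against the same string we copy, so copy length+1
     * bytes (the NUL included) and nothing more. */
    memcpy(domainname, p + 1, realmlen + 1);
    return 0;
}

/* Wrapper: copy into a DOMAIN_BUF-sized buffer and report the status. */
int realm_status(const char *upn)
{
    char domainname[DOMAIN_BUF];
    return copy_realm(upn, domainname, sizeof(domainname));
}

/* Returns 1 if the realm extracted from upn equals expected, else 0. */
int realm_equals(const char *upn, const char *expected)
{
    char domainname[DOMAIN_BUF];
    if (copy_realm(upn, domainname, sizeof(domainname)) != 0)
        return 0;
    return strcmp(domainname, expected) == 0;
}

int main(void)
{
    /* Constructed sample UPNs: one that fits, one exactly at the boundary,
     * one that is one character too long, and one with no realm at all. */
    const char *samples[] = {
        "alice@EXAMPLE.COM",
        "a@ABCDEFGHIJKLMNO",   /* 15 characters + NUL fits in 16 */
        "a@ABCDEFGHIJKLMNOP",  /* 16 characters does not */
        "alice",
    };
    size_t i;

    for (i = 0; i < sizeof(samples) / sizeof(samples[0]); i++)
        printf("%-20s -> %d\n", samples[i], realm_status(samples[i]));
    return 0;
}
```

The point of the boundary case is the one-byte gap between "the realm is no longer than the buffer" and "the realm plus its terminator fits in the buffer"; with a 1024-byte buffer it is practically unreachable, as noted in the thread, but the comparison costs nothing to get right.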