Обсуждение: Re: BUG #18769: ldapscheme is not displayed in pg_hba_file_rules
> On 9 Jan 2025, at 11:00, Laurenz Albe <laurenz.albe@cybertec.at> wrote: > > On Thu, 2025-01-09 at 10:54 +0100, Laurenz Albe wrote: >> On Thu, 2025-01-09 at 09:45 +0000, PG Bug reporting form wrote: >>> For whatever reason, the "ldapscheme" option was forgotten in the function >>> pg_hba_file_rules(). >> >> Here is a patch to fix the omission. > > v2 of the patch has a correct "discussion" URL in the commit message; > otherwise it is unchanged. LGTM. -- Daniel Gustafsson
On Thu, 2025-01-09 at 13:09 +0100, Daniel Gustafsson wrote: > > On Thu, 2025-01-09 at 10:54 +0100, Laurenz Albe wrote: > > > On Thu, 2025-01-09 at 09:45 +0000, PG Bug reporting form wrote: > > > > For whatever reason, the "ldapscheme" option was forgotten in the function > > > > pg_hba_file_rules(). > > > > > > Here is a patch to fix the omission. > > LGTM. Do you want to commit it, or should I add it to the next commitfest? Yours, Laurenz Albe
> On 10 Jan 2025, at 09:00, Laurenz Albe <laurenz.albe@cybertec.at> wrote: > > On Thu, 2025-01-09 at 13:09 +0100, Daniel Gustafsson wrote: >>> On Thu, 2025-01-09 at 10:54 +0100, Laurenz Albe wrote: >>>> On Thu, 2025-01-09 at 09:45 +0000, PG Bug reporting form wrote: >>>>> For whatever reason, the "ldapscheme" option was forgotten in the function >>>>> pg_hba_file_rules(). >>>> >>>> Here is a patch to fix the omission. >> >> LGTM. > > Do you want to commit it, or should I add it to the next commitfest? I'm planning to do it today, so no need to add it. Thanks! -- Daniel Gustafsson
Daniel Gustafsson <daniel@yesql.se> writes:
> I'm planning to do it today, so no need to add it. Thanks!
Our weekly Coverity run complained about this in all branches:
*** CID 181934: Memory - corruptions (OVERRUN)
/srv/coverity/git/pgsql-git/13stable/src/backend/libpq/hba.c: 2368 in gethba_options()
2362 if (hba->ldapsearchfilter)
2363 options[noptions++] =
2364 CStringGetTextDatum(psprintf("ldapsearchfilter=%s",
2365 hba->ldapsearchfilter));
2366
2367 if (hba->ldapscope)
>>> CID 181934: Memory - corruptions (OVERRUN)
>>> Overrunning array "options" of 14 8-byte elements at element index 14 (byte offset 119) using index
"noptions++"(which evaluates to 14).
2368 options[noptions++] =
2369 CStringGetTextDatum(psprintf("ldapscope=%d", hba->ldapscope));
2370 }
2371
2372 if (hba->auth_method == uaRADIUS)
2373 {
Looks like you should have increased MAX_HBA_OPTIONS. The comment
just above that macro needs work too.
regards, tom lane
> On 12 Jan 2025, at 16:55, Tom Lane <tgl@sss.pgh.pa.us> wrote:
>
> Daniel Gustafsson <daniel@yesql.se> writes:
>> I'm planning to do it today, so no need to add it. Thanks!
>
> Our weekly Coverity run complained about this in all branches:
>
> *** CID 181934: Memory - corruptions (OVERRUN)
> /srv/coverity/git/pgsql-git/13stable/src/backend/libpq/hba.c: 2368 in gethba_options()
> 2362 if (hba->ldapsearchfilter)
> 2363 options[noptions++] =
> 2364 CStringGetTextDatum(psprintf("ldapsearchfilter=%s",
> 2365 hba->ldapsearchfilter));
> 2366
> 2367 if (hba->ldapscope)
>>>> CID 181934: Memory - corruptions (OVERRUN)
>>>> Overrunning array "options" of 14 8-byte elements at element index 14 (byte offset 119) using index
"noptions++"(which evaluates to 14).
> 2368 options[noptions++] =
> 2369 CStringGetTextDatum(psprintf("ldapscope=%d", hba->ldapscope));
> 2370 }
> 2371
> 2372 if (hba->auth_method == uaRADIUS)
> 2373 {
>
> Looks like you should have increased MAX_HBA_OPTIONS. The comment
> just above that macro needs work too.
Ugh, I missed that when reading over the function. Thanks for the report, I'll
get it fixed tonight.
--
Daniel Gustafsson