From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
---|---|
To: | "Bossart, Nathan" <bossartn(at)amazon(dot)com> |
Cc: | "pgsql-hackers(at)lists(dot)postgresql(dot)org" <pgsql-hackers(at)lists(dot)postgresql(dot)org> |
Subject: | Re: Improving psql's \password command |
Date: | 2021-11-15 21:03:53 |
Message-ID: | 2152988.1637010233@sss.pgh.pa.us |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
"Bossart, Nathan" <bossartn(at)amazon(dot)com> writes:
> On 11/15/21, 10:13 AM, "Tom Lane" <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
>> * I don't believe that this bit is necessary, or if it is,
>> the comment fails to justify it:
>>
>> - initStringInfo(&buf);
>> + /* make sure buf is palloc'd so we don't lose changes after a longjmp */
>> + buf = makeStringInfo();
> My main worry was that buf->data might get repalloc'd via
> enlargeStringInfo(), which could cause problems after a longjmp.
So what? That has nothing to do with whether the buf struct itself
is alloc'd or not. Besides which, no longjmp is going to happen
during any reallocation. I'm not entirely sure what scenario
you're worried about, but I don't see how alloc'ing the
StringInfoData struct would make it any safer. If anything it'd
be less safe, since the StringInfoData is certain to be on the
stack, while a buf pointer variable is likely to be kept in a
register. But really that doesn't matter anyhow, since this
is a stack level below where the sigsetjmp call is. AFAIK the
only longjmp clobber risk is to pg_get_line_append's mutable
local variables, of which there are none.
regards, tom lane
From | Date | Subject | |
---|---|---|---|
Next Message | Andres Freund | 2021-11-15 21:04:05 | Re: Time to drop plpython2? |
Previous Message | Álvaro Herrera | 2021-11-15 21:01:25 | Re: support for MERGE |