| From: | Jacob Champion <jchampion(at)timescale(dot)com> |
|---|---|
| To: | PostgreSQL Hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org> |
| Cc: | Peter Eisentraut <peter(dot)eisentraut(at)enterprisedb(dot)com> |
| Subject: | [PATCH] Fix unbounded authentication exchanges during PQconnectPoll() |
| Date: | 2023-02-13 23:22:11 |
| Message-ID: | 8e729daf-7d71-6965-9687-8bc0630599b3@timescale.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Hello,
This is closely related to the prior conversation at [1]. There are a
couple places in CONNECTION_AWAITING_RESPONSE where libpq will read a
huge number of bytes from a server that we really should have hung up on.
The attached patch adds a length check for the v2 error compatibility
case, and updates the v3 error handling to jump to error_return rather
than asking for more data. The existing error_return paths have been
updated for consistency.
Thanks,
--Jacob
[1]
https://www.postgresql.org/message-id/a5c5783d-73f3-acbc-997f-1649a7406029%40timescale.com
| Attachment | Content-Type | Size |
|---|---|---|
| PQconnectPoll-fix-unbounded-authentication-exchanges.patch | text/x-patch | 3.3 KB |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Justin Pryzby | 2023-02-13 23:22:45 | Re: Improve logging when using Huge Pages |
| Previous Message | Peter Geoghegan | 2023-02-13 23:22:02 | pg_walinspect memory leaks |