| From: | Heikki Linnakangas <hlinnaka(at)iki(dot)fi> |
|---|---|
| To: | Jacob Champion <jchampion(at)timescale(dot)com> |
| Cc: | PostgreSQL Hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org>, Peter Eisentraut <peter(dot)eisentraut(at)enterprisedb(dot)com> |
| Subject: | Re: [PATCH] Fix unbounded authentication exchanges during PQconnectPoll() |
| Date: | 2023-02-22 19:43:20 |
| Message-ID: | 9748706c-316f-0c66-a09a-bd97d6ddef5d@iki.fi |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On 22/02/2023 20:49, Jacob Champion wrote:
> On Tue, Feb 21, 2023 at 12:35 PM Heikki Linnakangas <hlinnaka(at)iki(dot)fi> wrote:
>>> @@ -3370,6 +3389,7 @@ keep_going: /* We will come back to here until there is
>>> /* Get the type of request. */
>>> if (pqGetInt((int *) &areq, 4, conn))
>>> {
>>> + libpq_append_conn_error(conn, "server sent truncated authentication request");
>>> goto error_return;
>>> }
>>> msgLength -= 4;
>>
>> This is unreachable, because we already checked the length. Better safe
>> than sorry I guess, but let's avoid the translation overhead of this at
>> least.
>
> Should we just Assert() instead of an error message?
I separated the earlier message-length checks so that you get "invalid
invalid authentication request" or "received invalid protocol
negotiation message", depending on whether it was an 'R' or 'v' message.
With that, "invalid invalid authentication request" becomes translatable
anyway, which makes the point on translation overhead moot. I added a
comment to mention that it's unreachable, though.
I also reformatted the comments a little more.
Pushed with those changes, thanks!
- Heikki
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Peter Eisentraut | 2023-02-22 19:49:15 | Re: Rework of collation code, extensibility |
| Previous Message | Nathan Bossart | 2023-02-22 19:42:15 | Re: Proposal: %T Prompt parameter for psql for current time (like Oracle has) |