forked frompostgres/postgres
- Notifications
You must be signed in to change notification settings - Fork6
Commit8b50558
committed
Don't use Asserts to check for violations of replication protocol.
Using an Assert to check the validity of incoming messages is anextremely poor decision. In a debug build, it should not be that easyfor a broken or malicious remote client to crash the logrep worker.The consequences could be even worse in non-debug builds, which willfail to make such checks at all, leading to who-knows-what misbehavior.Hence, promote every Assert that could possibly be triggered by wrongor out-of-order replication messages to a full test-and-ereport.To avoid bloating the set of messages the translation team has to copewith, establish a policy that replication protocol violation errorreports don't need to be translated. Hence, all the new messages hereuse errmsg_internal(). A couple of old messages are changed likewisefor consistency.Along the way, fix some non-idiomatic or outright wrong uses ofhash_search().Most of these mistakes are new with the "streaming replication"patch (commit4648243), but a couple go back a long way.Back-patch as appropriate.Discussion:https://postgr.es/m/1719083.1623351052@sss.pgh.pa.us1 parent45322bd commit8b50558
2 files changed
+9
-2
lines changedLines changed: 1 addition & 1 deletion
Original file line number | Diff line number | Diff line change | |
---|---|---|---|
| |||
1380 | 1380 |
| |
1381 | 1381 |
| |
1382 | 1382 |
| |
1383 |
| - | |
| 1383 | + | |
1384 | 1384 |
| |
1385 | 1385 |
| |
1386 | 1386 |
| |
|
Lines changed: 8 additions & 1 deletion
Original file line number | Diff line number | Diff line change | |
---|---|---|---|
| |||
559 | 559 |
| |
560 | 560 |
| |
561 | 561 |
| |
562 |
| - | |
| 562 | + | |
| 563 | + | |
| 564 | + | |
| 565 | + | |
| 566 | + | |
| 567 | + | |
| 568 | + | |
| 569 | + | |
563 | 570 |
| |
564 | 571 |
| |
565 | 572 |
| |
|
0 commit comments
Comments
(0)