NotificationsYou must be signed in to change notification settings
Fork6
Star31

Commita1c218c

committed

The attached patch implements the password packet length sanity check

(using an elog(LOG) ), as well as includes a few more comment fixes.Neil Conway

1 parentdbf261f commita1c218cCopy full SHA for a1c218c

File tree

3 files changed

+24

-15

lines changed

src
- backend/libpq
  - auth.c
- include/libpq
  - pqcomm.h
- interfaces/libpq
  - fe-connect.c

3 files changed

+24

-15

lines changed

`‎src/backend/libpq/auth.c`

Lines changed: 12 additions & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -8,7 +8,7 @@`
`8`	`8`	`*`
`9`	`9`	`*`
`10`	`10`	`* IDENTIFICATION`
`11`		`- * $Header: /cvsroot/pgsql/src/backend/libpq/auth.c,v 1.84 2002/08/2715:15:22 momjian Exp $`
	`11`	`+ * $Header: /cvsroot/pgsql/src/backend/libpq/auth.c,v 1.85 2002/08/2716:21:50 momjian Exp $`
`12`	`12`	`*`
`13`	`13`	`*-------------------------------------------------------------------------`
`14`	`14`	`*/`
`@@ -808,6 +808,17 @@ recv_and_check_password_packet(Port *port)`
`808`	`808`	`pfree(buf.data);`
`809`	`809`	`returnSTATUS_EOF;`
`810`	`810`	`}`
	`811`	`+/*`
	`812`	`+ * We don't actually use the password packet length the frontend`
	`813`	`+ * sent us; however, it's a reasonable sanity check to ensure that`
	`814`	`+ * we actually read as much data as we expected to.`
	`815`	`+ *`
	`816`	`+ * The password packet size is the length of the buffer, plus the`
	`817`	`+ * size field itself (4 bytes), plus a 1-byte terminator.`
	`818`	`+ */`
	`819`	`+if (len!= (buf.len+4+1))`
	`820`	`+elog(LOG,"unexpected password packet size: read %d, expected %d",`
	`821`	`+buf.len+4+1,len);`
`811`	`822`
`812`	`823`	`/* Do not echo password to logs, for security. */`
`813`	`824`	`elog(DEBUG5,"received password packet");`

`‎src/include/libpq/pqcomm.h`

Lines changed: 5 additions & 8 deletions

Original file line number	Diff line number	Diff line change
`@@ -9,7 +9,7 @@`
`9`	`9`	`* Portions Copyright (c) 1996-2002, PostgreSQL Global Development Group`
`10`	`10`	`* Portions Copyright (c) 1994, Regents of the University of California`
`11`	`11`	`*`
`12`		`- * $Id: pqcomm.h,v 1.67 2002/08/2715:15:23 momjian Exp $`
	`12`	`+ * $Id: pqcomm.h,v 1.68 2002/08/2716:21:51 momjian Exp $`
`13`	`13`	`*`
`14`	`14`	`*-------------------------------------------------------------------------`
`15`	`15`	`*/`
`@@ -111,16 +111,13 @@ typedef uint32 PacketLen;`
`111`	`111`	`*/`
`112`	`112`
`113`	`113`	`/*`
`114`		`- * FIXME: remove the fixed size limitations on database & user name, use`
`115`		`- * variable length fields instead. The actual values will still be`
`116`		`- * limited by NAMEDATALEN, but this will at least allow changing`
`117`		`- * NAMEDATALEN to increase database & user name limits without changing`
`118`		`- * the protocol. -neilc, 2002/08/27`
	`114`	`+ * FIXME: remove the fixed size limitations on the database name, user`
	`115`	`+ * name, and options fields and use a variable length field instead. The`
	`116`	`+ * actual limits on database & user name will then be NAMEDATALEN, which`
	`117`	`+ * can be changed without changing the FE/BE protocol. -neilc,2002/08/27`
`119`	`118`	`*/`
`120`	`119`
`121`		`-/* These should all be of near-unlimited length, perhap 10k */`
`122`	`120`	`#defineSM_DATABASE64`
`123`		`-/* SM_USER should be the same size as the others. bjm 2002-06-02 */`
`124`	`121`	`#defineSM_USER32`
`125`	`122`	`/* We append database name if db_user_namespace true. */`
`126`	`123`	`#defineSM_DATABASE_USER (SM_DATABASE+SM_USER+1)/* +1 for @ */`

`‎src/interfaces/libpq/fe-connect.c`

Lines changed: 7 additions & 6 deletions

Original file line number	Diff line number	Diff line change
`@@ -8,7 +8,7 @@`
`8`	`8`	`*`
`9`	`9`	`*`
`10`	`10`	`* IDENTIFICATION`
`11`		`- * $Header: /cvsroot/pgsql/src/interfaces/libpq/fe-connect.c,v 1.196 2002/08/2715:02:50 momjian Exp $`
	`11`	`+ * $Header: /cvsroot/pgsql/src/interfaces/libpq/fe-connect.c,v 1.197 2002/08/2716:21:51 momjian Exp $`
`12`	`12`	`*`
`13`	`13`	`*-------------------------------------------------------------------------`
`14`	`14`	`*/`
`@@ -1132,7 +1132,7 @@ connectDBComplete(PGconn *conn)`
`1132`	`1132`	`/*`
`1133`	`1133`	`* If connecting timeout is set, calculate remain time.`
`1134`	`1134`	`*/`
`1135`		`-if (NULL!=rp)`
	`1135`	`+if (rp!=NULL)`
`1136`	`1136`	`{`
`1137`	`1137`	`if (gettimeofday(&finish_time,NULL)==-1)`
`1138`	`1138`	`{`
`@@ -1152,8 +1152,8 @@ connectDBComplete(PGconn *conn)`
`1152`	`1152`	`remains.tv_sec-=finish_time.tv_sec-start_time.tv_sec;`
`1153`	`1153`	`}`
`1154`	`1154`	`}`
`1155`		`-conn->status=CONNECTION_BAD;`
`1156`		`-return0;`
	`1155`	`+conn->status=CONNECTION_BAD;`
	`1156`	`+return0;`
`1157`	`1157`	`}`
`1158`	`1158`
`1159`	`1159`	`/* ----------------`
`@@ -1162,7 +1162,8 @@ connectDBComplete(PGconn *conn)`
`1162`	`1162`	`* Poll an asynchronous connection.`
`1163`	`1163`	`*`
`1164`	`1164`	`* Returns a PostgresPollingStatusType.`
`1165`		`- * Before calling this function, use select(2) to determine when data arrive.`
	`1165`	`+ * Before calling this function, use select(2) to determine when data`
	`1166`	`+ * has arrived..`
`1166`	`1167`	`*`
`1167`	`1168`	`* You must call PQfinish whether or not this fails.`
`1168`	`1169`	`*`
`@@ -1356,7 +1357,7 @@ PQconnectPoll(PGconn *conn)`
`1356`	`1357`	`{`
`1357`	`1358`	`if (pqGets(&conn->errorMessage,conn))`
`1358`	`1359`	`{`
`1359`		`-/* We'll come back when thereare more data */`
	`1360`	`+/* We'll come back when thereis more data */`
`1360`	`1361`	`returnPGRES_POLLING_READING;`
`1361`	`1362`	`}`
`1362`	`1363`	`/* OK, we read the message; mark data consumed */`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commita1c218c

File tree

3 files changed

3 files changed

`‎src/backend/libpq/auth.c`

`‎src/include/libpq/pqcomm.h`

`‎src/interfaces/libpq/fe-connect.c`

0 commit comments