Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit8ac0365

Browse files
committed
Avoid improbable null pointer dereference in pgpassfileWarning().
Coverity complained that we might pass a null pointer to strcmp()if PQresultErrorField were to return NULL. That shouldn't be possible,since the server is supposed to always provide some SQLSTATE or otherin an error message. But we usually defend against such hazards, andit only takes a little more code to do so here.There's no good reason to think this is a live bug, so no back-patch.
1 parent555494d commit8ac0365

File tree

1 file changed

+9
-8
lines changed

1 file changed

+9
-8
lines changed

‎src/interfaces/libpq/fe-connect.c

Lines changed: 9 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -6312,22 +6312,23 @@ passwordFromFile(char *hostname, char *port, char *dbname,
63126312

63136313

63146314
/*
6315-
*If the connection failed, we should mention if
6316-
*we got the password from the pgpassfile in case that
6317-
*password is wrong.
6315+
*If the connection failed due to bad password, we should mention
6316+
*if we got the password from the pgpassfile.
63186317
*/
63196318
staticvoid
63206319
pgpassfileWarning(PGconn*conn)
63216320
{
63226321
/* If it was 'invalid authorization', add pgpassfile mention */
63236322
/* only works with >= 9.0 servers */
6324-
if (conn->pgpassfile_used&&conn->password_needed&&conn->result&&
6325-
strcmp(PQresultErrorField(conn->result,PG_DIAG_SQLSTATE),
6326-
ERRCODE_INVALID_PASSWORD)==0)
6323+
if (conn->pgpassfile_used&&conn->password_needed&&conn->result)
63276324
{
6328-
appendPQExpBuffer(&conn->errorMessage,
6325+
constchar*sqlstate=PQresultErrorField(conn->result,
6326+
PG_DIAG_SQLSTATE);
6327+
6328+
if (sqlstate&&strcmp(sqlstate,ERRCODE_INVALID_PASSWORD)==0)
6329+
appendPQExpBuffer(&conn->errorMessage,
63296330
libpq_gettext("password retrieved from file \"%s\"\n"),
6330-
conn->pgpassfile);
6331+
conn->pgpassfile);
63316332
}
63326333
}
63336334

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp