The proper guaranteed buffer size for errors is

INITIAL_EXPBUFFER_SIZE, not PQERRORMSG_LENGTH.

Backport only - the proper fix in HEAD is to
use PQExpBuffers everywhere.

diff --git a/src/interfaces/libpq/fe-auth.c b/src/interfaces/libpq/fe-auth.c
index 31898f08f516dc04951665057cd60096b8ab75e7..03c001b26f8b751670f2cd40eb48261f3d1dc247 100644 (file)
--- a/src/interfaces/libpq/fe-auth.c
+++ b/src/interfaces/libpq/fe-auth.c
@@ -170,7 +170,7 @@ pg_krb4_authname(char *PQerrormsg)
        status = krb_get_tf_fullname(tkt_string(), name, instance, realm);
        if (status != KSUCCESS)
        {
-               snprintf(PQerrormsg, PQERRORMSG_LENGTH,
+               snprintf(PQerrormsg, INITIAL_EXPBUFFER_SIZE,
                                 "pg_krb4_authname: krb_get_tf_fullname: %s\n",
                                 krb_err_txt[status]);
                return (char *) NULL;
@@ -228,7 +228,7 @@ pg_krb4_sendauth(char *PQerrormsg, int sock,
                                                  PG_KRB4_VERSION);
        if (status != KSUCCESS)
        {
-               snprintf(PQerrormsg, PQERRORMSG_LENGTH,
+               snprintf(PQerrormsg, INITIAL_EXPBUFFER_SIZE,
                                 libpq_gettext("Kerberos 4 error: %s\n"),
                                 krb_err_txt[status]);
                return STATUS_ERROR;
@@ -291,7 +291,7 @@ pg_krb5_init(char *PQerrormsg)
        retval = krb5_init_context(&pg_krb5_context);
        if (retval)
        {
-               snprintf(PQerrormsg, PQERRORMSG_LENGTH,
+               snprintf(PQerrormsg, INITIAL_EXPBUFFER_SIZE,
                                 "pg_krb5_init: krb5_init_context: %s\n",
                                 error_message(retval));
                return STATUS_ERROR;
@@ -300,7 +300,7 @@ pg_krb5_init(char *PQerrormsg)
        retval = krb5_cc_default(pg_krb5_context, &pg_krb5_ccache);
        if (retval)
        {
-               snprintf(PQerrormsg, PQERRORMSG_LENGTH,
+               snprintf(PQerrormsg, INITIAL_EXPBUFFER_SIZE,
                                 "pg_krb5_init: krb5_cc_default: %s\n",
                                 error_message(retval));
                krb5_free_context(pg_krb5_context);
@@ -311,7 +311,7 @@ pg_krb5_init(char *PQerrormsg)
                                                                   &pg_krb5_client);
        if (retval)
        {
-               snprintf(PQerrormsg, PQERRORMSG_LENGTH,
+               snprintf(PQerrormsg, INITIAL_EXPBUFFER_SIZE,
                                 "pg_krb5_init: krb5_cc_get_principal: %s\n",
                                 error_message(retval));
                krb5_cc_close(pg_krb5_context, pg_krb5_ccache);
@@ -322,7 +322,7 @@ pg_krb5_init(char *PQerrormsg)
        retval = krb5_unparse_name(pg_krb5_context, pg_krb5_client, &pg_krb5_name);
        if (retval)
        {
-               snprintf(PQerrormsg, PQERRORMSG_LENGTH,
+               snprintf(PQerrormsg, INITIAL_EXPBUFFER_SIZE,
                                 "pg_krb5_init: krb5_unparse_name: %s\n",
                                 error_message(retval));
                krb5_free_principal(pg_krb5_context, pg_krb5_client);
@@ -374,7 +374,7 @@ pg_krb5_sendauth(char *PQerrormsg, int sock, const char *hostname)
                                                                         KRB5_NT_SRV_HST, &server);
        if (retval)
        {
-               snprintf(PQerrormsg, PQERRORMSG_LENGTH,
+               snprintf(PQerrormsg, INITIAL_EXPBUFFER_SIZE,
                                 "pg_krb5_sendauth: krb5_sname_to_principal: %s\n",
                                 error_message(retval));
                return STATUS_ERROR;
@@ -390,7 +390,7 @@ pg_krb5_sendauth(char *PQerrormsg, int sock, const char *hostname)
        {
                char            sebuf[256];
 
-               snprintf(PQerrormsg, PQERRORMSG_LENGTH,
+               snprintf(PQerrormsg, INITIAL_EXPBUFFER_SIZE,
                                 libpq_gettext("could not set socket to blocking mode: %s\n"), pqStrerror(errno, sebuf, sizeof(sebuf)));
                krb5_free_principal(pg_krb5_context, server);
                return STATUS_ERROR;
@@ -407,11 +407,11 @@ pg_krb5_sendauth(char *PQerrormsg, int sock, const char *hostname)
                if (retval == KRB5_SENDAUTH_REJECTED && err_ret)
                {
 #if defined(HAVE_KRB5_ERROR_TEXT_DATA)
-                       snprintf(PQerrormsg, PQERRORMSG_LENGTH,
+                       snprintf(PQerrormsg, INITIAL_EXPBUFFER_SIZE,
                          libpq_gettext("Kerberos 5 authentication rejected: %*s\n"),
                                         (int) err_ret->text.length, err_ret->text.data);
 #elif defined(HAVE_KRB5_ERROR_E_DATA)
-                       snprintf(PQerrormsg, PQERRORMSG_LENGTH,
+                       snprintf(PQerrormsg, INITIAL_EXPBUFFER_SIZE,
                          libpq_gettext("Kerberos 5 authentication rejected: %*s\n"),
                                         (int) err_ret->e_data->length,
                                         (const char *) err_ret->e_data->data);
@@ -421,7 +421,7 @@ pg_krb5_sendauth(char *PQerrormsg, int sock, const char *hostname)
                }
                else
                {
-                       snprintf(PQerrormsg, PQERRORMSG_LENGTH,
+                       snprintf(PQerrormsg, INITIAL_EXPBUFFER_SIZE,
                                         "krb5_sendauth: %s\n", error_message(retval));
                }
 
@@ -437,7 +437,7 @@ pg_krb5_sendauth(char *PQerrormsg, int sock, const char *hostname)
        {
                char            sebuf[256];
 
-               snprintf(PQerrormsg, PQERRORMSG_LENGTH,
+               snprintf(PQerrormsg, INITIAL_EXPBUFFER_SIZE,
                                 libpq_gettext("could not restore non-blocking mode on socket: %s\n"),
                                 pqStrerror(errno, sebuf, sizeof(sebuf)));
                ret = STATUS_ERROR;
@@ -497,14 +497,14 @@ pg_local_sendauth(char *PQerrormsg, PGconn *conn)
        {
                char            sebuf[256];
 
-               snprintf(PQerrormsg, PQERRORMSG_LENGTH,
+               snprintf(PQerrormsg, INITIAL_EXPBUFFER_SIZE,
                                 "pg_local_sendauth: sendmsg: %s\n",
                                 pqStrerror(errno, sebuf, sizeof(sebuf)));
                return STATUS_ERROR;
        }
        return STATUS_OK;
 #else
-       snprintf(PQerrormsg, PQERRORMSG_LENGTH,
+       snprintf(PQerrormsg, INITIAL_EXPBUFFER_SIZE,
                libpq_gettext("SCM_CRED authentication method not supported\n"));
        return STATUS_ERROR;
 #endif
@@ -595,13 +595,13 @@ fe_sendauth(AuthRequest areq, PGconn *conn, const char *hostname,
                                                           (struct sockaddr_in *) & conn->raddr.addr,
                                                                 hostname) != STATUS_OK)
                        {
-                               snprintf(PQerrormsg, PQERRORMSG_LENGTH,
+                               snprintf(PQerrormsg, INITIAL_EXPBUFFER_SIZE,
                                        libpq_gettext("Kerberos 4 authentication failed\n"));
                                return STATUS_ERROR;
                        }
                        break;
 #else
-                       snprintf(PQerrormsg, PQERRORMSG_LENGTH,
+                       snprintf(PQerrormsg, INITIAL_EXPBUFFER_SIZE,
                         libpq_gettext("Kerberos 4 authentication not supported\n"));
                        return STATUS_ERROR;
 #endif
@@ -611,13 +611,13 @@ fe_sendauth(AuthRequest areq, PGconn *conn, const char *hostname,
                        if (pg_krb5_sendauth(PQerrormsg, conn->sock,
                                                                 hostname) != STATUS_OK)
                        {
-                               snprintf(PQerrormsg, PQERRORMSG_LENGTH,
+                               snprintf(PQerrormsg, INITIAL_EXPBUFFER_SIZE,
                                        libpq_gettext("Kerberos 5 authentication failed\n"));
                                return STATUS_ERROR;
                        }
                        break;
 #else
-                       snprintf(PQerrormsg, PQERRORMSG_LENGTH,
+                       snprintf(PQerrormsg, INITIAL_EXPBUFFER_SIZE,
                         libpq_gettext("Kerberos 5 authentication not supported\n"));
                        return STATUS_ERROR;
 #endif
@@ -627,13 +627,13 @@ fe_sendauth(AuthRequest areq, PGconn *conn, const char *hostname,
                case AUTH_REQ_PASSWORD:
                        if (password == NULL || *password == '\0')
                        {
-                               (void) snprintf(PQerrormsg, PQERRORMSG_LENGTH,
+                               (void) snprintf(PQerrormsg, INITIAL_EXPBUFFER_SIZE,
                                                                "fe_sendauth: no password supplied\n");
                                return STATUS_ERROR;
                        }
                        if (pg_password_sendauth(conn, password, areq) != STATUS_OK)
                        {
-                               (void) snprintf(PQerrormsg, PQERRORMSG_LENGTH,
+                               (void) snprintf(PQerrormsg, INITIAL_EXPBUFFER_SIZE,
                                 "fe_sendauth: error sending password authentication\n");
                                return STATUS_ERROR;
                        }
@@ -645,7 +645,7 @@ fe_sendauth(AuthRequest areq, PGconn *conn, const char *hostname,
                        break;
 
                default:
-                       snprintf(PQerrormsg, PQERRORMSG_LENGTH,
+                       snprintf(PQerrormsg, INITIAL_EXPBUFFER_SIZE,
                                         libpq_gettext("authentication method %u not supported\n"), areq);
                        return STATUS_ERROR;
        }
@@ -682,7 +682,7 @@ fe_setauthsvc(const char *name, char *PQerrormsg)
                }
        if (i == n_authsvcs)
        {
-               snprintf(PQerrormsg, PQERRORMSG_LENGTH,
+               snprintf(PQerrormsg, INITIAL_EXPBUFFER_SIZE,
                                 libpq_gettext("invalid authentication service name \"%s\", ignored\n"),
                                 name);
        }
@@ -753,7 +753,7 @@ fe_getauthname(char *PQerrormsg)
        }
 
        if (authsvc != STARTUP_MSG && authsvc != STARTUP_KRB4_MSG && authsvc != STARTUP_KRB5_MSG)
-               snprintf(PQerrormsg, PQERRORMSG_LENGTH,
+               snprintf(PQerrormsg, INITIAL_EXPBUFFER_SIZE,
                                 libpq_gettext("fe_getauthname: invalid authentication system: %d\n"),
                                 authsvc);
 

diff --git a/src/interfaces/libpq/fe-connect.c b/src/interfaces/libpq/fe-connect.c
index 18a6fdedd1ca46e9b0eda57cd7a7d4026189f140..b2228914c48d4308d822a1692e563f79a49288dd 100644 (file)
--- a/src/interfaces/libpq/fe-connect.c
+++ b/src/interfaces/libpq/fe-connect.c
@@ -2540,7 +2540,7 @@ conninfo_parse(const char *conninfo, PQExpBuffer errorMessage)
        char       *cp2;
        PQconninfoOption *options;
        PQconninfoOption *option;
-       char            errortmp[PQERRORMSG_LENGTH];
+       char            errortmp[INITIAL_EXPBUFFER_SIZE];
 
        /* Make a working copy of PQconninfoOptions */
        options = malloc(sizeof(PQconninfoOptions));

diff --git a/src/interfaces/libpq/libpq-int.h b/src/interfaces/libpq/libpq-int.h
index 7bfe40e044ea3bf91008a64eacba68f76c3f0746..1a5d0cc18099efbf9df38d4bc40bd3b857d18723 100644 (file)
--- a/src/interfaces/libpq/libpq-int.h
+++ b/src/interfaces/libpq/libpq-int.h
@@ -50,7 +50,6 @@ typedef int ssize_t;                  /* ssize_t doesn't exist in VC (at least
 /*
  * POSTGRES backend dependent Constants.
  */
-#define PQERRORMSG_LENGTH 1024
 #define CMDSTATUS_LEN 40
 
 /*