From: Magnus Hagander <magnus@hagander.net>
Date: Mon, 23 Jul 2007 18:12:56 +0000 (+0000)
Subject: The correct min buffer size is
X-Git-Url: http://waps.l3s.uni-hannover.de/gitweb/?a=commitdiff_plain;h=7307430752db554246bce3674cdeda3f87b6e81a;p=users%2Fbernd%2Fpostgres.git

The correct min buffer size is
INITIAL_EXPBUFFER_SIZE, not PQERRORMSG_LENGTH.

Backpatch only, the proper fix in HEAD is
to use PQExpBuffers everywhere.
---

diff --git a/src/interfaces/libpq/fe-auth.c b/src/interfaces/libpq/fe-auth.c
index a6dceea824..024ae0e348 100644
--- a/src/interfaces/libpq/fe-auth.c
+++ b/src/interfaces/libpq/fe-auth.c
@@ -170,7 +170,7 @@ pg_krb4_authname(char *PQerrormsg)
 	status = krb_get_tf_fullname(tkt_string(), name, instance, realm);
 	if (status != KSUCCESS)
 	{
-		snprintf(PQerrormsg, PQERRORMSG_LENGTH,
+		snprintf(PQerrormsg, INITIAL_EXPBUFFER_SIZE,
 				 "pg_krb4_authname: krb_get_tf_fullname: %s\n",
 				 krb_err_txt[status]);
 		return NULL;
@@ -228,7 +228,7 @@ pg_krb4_sendauth(char *PQerrormsg, int sock,
 						  PG_KRB4_VERSION);
 	if (status != KSUCCESS)
 	{
-		snprintf(PQerrormsg, PQERRORMSG_LENGTH,
+		snprintf(PQerrormsg, INITIAL_EXPBUFFER_SIZE,
 				 libpq_gettext("Kerberos 4 error: %s\n"),
 				 krb_err_txt[status]);
 		return STATUS_ERROR;
@@ -294,7 +294,7 @@ pg_krb5_init(char *PQerrormsg)
 	retval = krb5_init_context(&pg_krb5_context);
 	if (retval)
 	{
-		snprintf(PQerrormsg, PQERRORMSG_LENGTH,
+		snprintf(PQerrormsg, INITIAL_EXPBUFFER_SIZE,
 				 "pg_krb5_init: krb5_init_context: %s\n",
 				 error_message(retval));
 		return STATUS_ERROR;
@@ -303,7 +303,7 @@ pg_krb5_init(char *PQerrormsg)
 	retval = krb5_cc_default(pg_krb5_context, &pg_krb5_ccache);
 	if (retval)
 	{
-		snprintf(PQerrormsg, PQERRORMSG_LENGTH,
+		snprintf(PQerrormsg, INITIAL_EXPBUFFER_SIZE,
 				 "pg_krb5_init: krb5_cc_default: %s\n",
 				 error_message(retval));
 		krb5_free_context(pg_krb5_context);
@@ -314,7 +314,7 @@ pg_krb5_init(char *PQerrormsg)
 								   &pg_krb5_client);
 	if (retval)
 	{
-		snprintf(PQerrormsg, PQERRORMSG_LENGTH,
+		snprintf(PQerrormsg, INITIAL_EXPBUFFER_SIZE,
 				 "pg_krb5_init: krb5_cc_get_principal: %s\n",
 				 error_message(retval));
 		krb5_cc_close(pg_krb5_context, pg_krb5_ccache);
@@ -325,7 +325,7 @@ pg_krb5_init(char *PQerrormsg)
 	retval = krb5_unparse_name(pg_krb5_context, pg_krb5_client, &pg_krb5_name);
 	if (retval)
 	{
-		snprintf(PQerrormsg, PQERRORMSG_LENGTH,
+		snprintf(PQerrormsg, INITIAL_EXPBUFFER_SIZE,
 				 "pg_krb5_init: krb5_unparse_name: %s\n",
 				 error_message(retval));
 		krb5_free_principal(pg_krb5_context, pg_krb5_client);
@@ -367,7 +367,13 @@ pg_krb5_sendauth(char *PQerrormsg, int sock, const char *hostname)
 	krb5_principal server;
 	krb5_auth_context auth_context = NULL;
 	krb5_error *err_ret = NULL;
-	int			flags;
+
+	if (!hostname)
+	{
+		snprintf(PQerrormsg, INITIAL_EXPBUFFER_SIZE,
+				 "pg_krb5_sendauth: hostname must be specified for Kerberos authentication\n");
+		return STATUS_ERROR;
+	}
 
 	ret = pg_krb5_init(PQerrormsg);
 	if (ret != STATUS_OK)
@@ -377,7 +383,7 @@ pg_krb5_sendauth(char *PQerrormsg, int sock, const char *hostname)
 									 KRB5_NT_SRV_HST, &server);
 	if (retval)
 	{
-		snprintf(PQerrormsg, PQERRORMSG_LENGTH,
+		snprintf(PQerrormsg, INITIAL_EXPBUFFER_SIZE,
 				 "pg_krb5_sendauth: krb5_sname_to_principal: %s\n",
 				 error_message(retval));
 		return STATUS_ERROR;
@@ -388,12 +394,11 @@ pg_krb5_sendauth(char *PQerrormsg, int sock, const char *hostname)
 	 * socket, and we have to block somehow to do mutual authentication
 	 * anyway. So we temporarily make it blocking.
 	 */
-	flags = fcntl(sock, F_GETFL);
-	if (flags < 0 || fcntl(sock, F_SETFL, (long) (flags & ~O_NONBLOCK)))
+	if (!pg_set_block(sock))
 	{
 		char		sebuf[256];
 
-		snprintf(PQerrormsg, PQERRORMSG_LENGTH,
+		snprintf(PQerrormsg, INITIAL_EXPBUFFER_SIZE,
 				 libpq_gettext("could not set socket to blocking mode: %s\n"), pqStrerror(errno, sebuf, sizeof(sebuf)));
 		krb5_free_principal(pg_krb5_context, server);
 		return STATUS_ERROR;
@@ -410,11 +415,11 @@ pg_krb5_sendauth(char *PQerrormsg, int sock, const char *hostname)
 		if (retval == KRB5_SENDAUTH_REJECTED && err_ret)
 		{
 #if defined(HAVE_KRB5_ERROR_TEXT_DATA)
-			snprintf(PQerrormsg, PQERRORMSG_LENGTH,
+			snprintf(PQerrormsg, INITIAL_EXPBUFFER_SIZE,
 			  libpq_gettext("Kerberos 5 authentication rejected: %*s\n"),
 					 (int) err_ret->text.length, err_ret->text.data);
 #elif defined(HAVE_KRB5_ERROR_E_DATA)
-			snprintf(PQerrormsg, PQERRORMSG_LENGTH,
+			snprintf(PQerrormsg, INITIAL_EXPBUFFER_SIZE,
 			  libpq_gettext("Kerberos 5 authentication rejected: %*s\n"),
 					 (int) err_ret->e_data->length,
 					 (const char *) err_ret->e_data->data);
@@ -424,7 +429,7 @@ pg_krb5_sendauth(char *PQerrormsg, int sock, const char *hostname)
 		}
 		else
 		{
-			snprintf(PQerrormsg, PQERRORMSG_LENGTH,
+			snprintf(PQerrormsg, INITIAL_EXPBUFFER_SIZE,
 					 "krb5_sendauth: %s\n", error_message(retval));
 		}
 
@@ -436,11 +441,11 @@ pg_krb5_sendauth(char *PQerrormsg, int sock, const char *hostname)
 
 	krb5_free_principal(pg_krb5_context, server);
 
-	if (fcntl(sock, F_SETFL, (long) flags))
+	if (!pg_set_noblock(sock))
 	{
 		char		sebuf[256];
 
-		snprintf(PQerrormsg, PQERRORMSG_LENGTH,
+		snprintf(PQerrormsg, INITIAL_EXPBUFFER_SIZE,
 				 libpq_gettext("could not restore non-blocking mode on socket: %s\n"),
 				 pqStrerror(errno, sebuf, sizeof(sebuf)));
 		ret = STATUS_ERROR;
@@ -500,14 +505,14 @@ pg_local_sendauth(char *PQerrormsg, PGconn *conn)
 	{
 		char		sebuf[256];
 
-		snprintf(PQerrormsg, PQERRORMSG_LENGTH,
+		snprintf(PQerrormsg, INITIAL_EXPBUFFER_SIZE,
 				 "pg_local_sendauth: sendmsg: %s\n",
 				 pqStrerror(errno, sebuf, sizeof(sebuf)));
 		return STATUS_ERROR;
 	}
 	return STATUS_OK;
 #else
-	snprintf(PQerrormsg, PQERRORMSG_LENGTH,
+	snprintf(PQerrormsg, INITIAL_EXPBUFFER_SIZE,
 		libpq_gettext("SCM_CRED authentication method not supported\n"));
 	return STATUS_ERROR;
 #endif
@@ -599,15 +604,14 @@ fe_sendauth(AuthRequest areq, PGconn *conn, const char *hostname,
 							   (struct sockaddr_in *) & conn->raddr.addr,
 								 hostname) != STATUS_OK)
 			{
-				snprintf(PQerrormsg, PQERRORMSG_LENGTH,
-					libpq_gettext("Kerberos 4 authentication failed\n"));
+				/* PQerrormsg already filled in */
 				pgunlock_thread();
 				return STATUS_ERROR;
 			}
 			pgunlock_thread();
 			break;
 #else
-			snprintf(PQerrormsg, PQERRORMSG_LENGTH,
+			snprintf(PQerrormsg, INITIAL_EXPBUFFER_SIZE,
 			 libpq_gettext("Kerberos 4 authentication not supported\n"));
 			return STATUS_ERROR;
 #endif
@@ -618,15 +622,14 @@ fe_sendauth(AuthRequest areq, PGconn *conn, const char *hostname,
 			if (pg_krb5_sendauth(PQerrormsg, conn->sock,
 								 hostname) != STATUS_OK)
 			{
-				snprintf(PQerrormsg, PQERRORMSG_LENGTH,
-					libpq_gettext("Kerberos 5 authentication failed\n"));
+				/* PQerrormsg already filled in */
 				pgunlock_thread();
 				return STATUS_ERROR;
 			}
 			pgunlock_thread();
 			break;
 #else
-			snprintf(PQerrormsg, PQERRORMSG_LENGTH,
+			snprintf(PQerrormsg, INITIAL_EXPBUFFER_SIZE,
 			 libpq_gettext("Kerberos 5 authentication not supported\n"));
 			return STATUS_ERROR;
 #endif
@@ -636,13 +639,13 @@ fe_sendauth(AuthRequest areq, PGconn *conn, const char *hostname,
 		case AUTH_REQ_PASSWORD:
 			if (password == NULL || *password == '\0')
 			{
-				(void) snprintf(PQerrormsg, PQERRORMSG_LENGTH,
+				(void) snprintf(PQerrormsg, INITIAL_EXPBUFFER_SIZE,
 								PQnoPasswordSupplied);
 				return STATUS_ERROR;
 			}
 			if (pg_password_sendauth(conn, password, areq) != STATUS_OK)
 			{
-				(void) snprintf(PQerrormsg, PQERRORMSG_LENGTH,
+				(void) snprintf(PQerrormsg, INITIAL_EXPBUFFER_SIZE,
 				 "fe_sendauth: error sending password authentication\n");
 				return STATUS_ERROR;
 			}
@@ -654,7 +657,7 @@ fe_sendauth(AuthRequest areq, PGconn *conn, const char *hostname,
 			break;
 
 		default:
-			snprintf(PQerrormsg, PQERRORMSG_LENGTH,
+			snprintf(PQerrormsg, INITIAL_EXPBUFFER_SIZE,
 					 libpq_gettext("authentication method %u not supported\n"), areq);
 			return STATUS_ERROR;
 	}
@@ -691,7 +694,7 @@ fe_setauthsvc(const char *name, char *PQerrormsg)
 		}
 	if (i == n_authsvcs)
 	{
-		snprintf(PQerrormsg, PQERRORMSG_LENGTH,
+		snprintf(PQerrormsg, INITIAL_EXPBUFFER_SIZE,
 				 libpq_gettext("invalid authentication service name \"%s\", ignored\n"),
 				 name);
 	}
@@ -764,7 +767,7 @@ fe_getauthname(char *PQerrormsg)
 	}
 
 	if (authsvc != STARTUP_MSG && authsvc != STARTUP_KRB4_MSG && authsvc != STARTUP_KRB5_MSG)
-		snprintf(PQerrormsg, PQERRORMSG_LENGTH,
+		snprintf(PQerrormsg, INITIAL_EXPBUFFER_SIZE,
 				 libpq_gettext("fe_getauthname: invalid authentication system: %d\n"),
 				 authsvc);
 
diff --git a/src/interfaces/libpq/fe-connect.c b/src/interfaces/libpq/fe-connect.c
index 75a35b7482..8a8cd286a4 100644
--- a/src/interfaces/libpq/fe-connect.c
+++ b/src/interfaces/libpq/fe-connect.c
@@ -2661,7 +2661,7 @@ conninfo_parse(const char *conninfo, PQExpBuffer errorMessage)
 	char	   *cp2;
 	PQconninfoOption *options;
 	PQconninfoOption *option;
-	char		errortmp[PQERRORMSG_LENGTH];
+	char		errortmp[INITIAL_EXPBUFFER_SIZE];
 
 	/* Make a working copy of PQconninfoOptions */
 	options = malloc(sizeof(PQconninfoOptions));
diff --git a/src/interfaces/libpq/libpq-int.h b/src/interfaces/libpq/libpq-int.h
index 3ea7f995eb..2c291f03c4 100644
--- a/src/interfaces/libpq/libpq-int.h
+++ b/src/interfaces/libpq/libpq-int.h
@@ -53,7 +53,6 @@ typedef int ssize_t;			/* ssize_t doesn't exist in VC (at least
 /*
  * POSTGRES backend dependent Constants.
  */
-#define PQERRORMSG_LENGTH 1024
 #define CMDSTATUS_LEN 40
 
 /*