| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Michael Paquier <michael(at)paquier(dot)xyz> |
| Cc: | wurongxin(at)xmu(dot)edu(dot)cn, pgsql-bugs(at)lists(dot)postgresql(dot)org |
| Subject: | Re: BUG #16070: A double-free bug in interfaces/libpq/fe-secure-openssl.c |
| Date: | 2019-10-21 03:44:25 |
| Message-ID: | 15038.1571629465@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-bugs |
Michael Paquier <michael(at)paquier(dot)xyz> writes:
> The docs of OpenSSL mention the use of both successively, where
> ENGINE_free() does the cleanup after ENGINE_by_id(), and
> ENGINE_finish() cleans up after ENGINE_init():
> https://www.openssl.org/docs/man1.1.0/man3/ENGINE_finish.html
Yeah, that reference page pretty definitely agrees with what
we're doing.
> And an actual issue is that we have no coverage for it:
> https://coverage.postgresql.org/src/interfaces/libpq/fe-secure-openssl.c.gcov.html
Oh, hmm ... I'd supposed that the code in question was exercised
in normal SSL connections, but now I see it's not so. It looks
like you need a non-default SSL "engine" to be available?? Might
be hard to test this as a routine thing if it requires additional
software.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tatsuo Ishii | 2019-10-21 05:02:17 | Re: BUG #16035: STATEMENT_TIMEOUT not working when we have single quote usage inside CTE which is used in inner sql |
| Previous Message | Michael Paquier | 2019-10-21 03:25:37 | Re: BUG #16070: A double-free bug in interfaces/libpq/fe-secure-openssl.c |