Skip site navigation (1) Skip section navigation (2)

Re: psql with GSS can crash

From: Zdenek Kotala <Zdenek(dot)Kotala(at)Sun(dot)COM>
To: Magnus Hagander <magnus(at)hagander(dot)net>
Cc: PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: psql with GSS can crash
Date: 2010-03-01 08:26:48
Message-ID: 1267432008.1354.40.camel@localhost (view raw or flat)
Thread:
Lists: pgsql-hackers
Magnus Hagander píše v čt 25. 02. 2010 v 15:17 +0100:
> On Thu, Feb 25, 2010 at 15:04, Zdenek Kotala <Zdenek(dot)Kotala(at)sun(dot)com> wrote:
> > Hi all,
> >
> > I got following stack:
> >
> >  fffffd7ffed14b70 strlen () + 40
> >  fffffd7ffed71665 snprintf () + e5
> >  fffffd7fff36d088 pg_GSS_startup () + 88
> >  fffffd7fff36d43a pg_fe_sendauth () + 15a
> >  fffffd7fff36e557 PQconnectPoll () + 3b7
> >  fffffd7fff36e152 connectDBComplete () + a2
> >  fffffd7fff36dc32 PQsetdbLogin () + 1b2
> >  000000000041e96d main () + 30d
> >  000000000041302c ???????? ()
> >
> > It seems that connection is not fully configured and krbsrvname or pghost is
> > not filled. Following code in fe-auth.c pg_GSS_startup() causes a crash:
> >
> >    440         maxlen = NI_MAXHOST + strlen(conn->krbsrvname) + 2;
> >    441         temp_gbuf.value = (char *) malloc(maxlen);
> >    442         snprintf(temp_gbuf.value, maxlen, "%s(at)%s",
> >    443                          conn->krbsrvname, conn->pghost);
> >    444         temp_gbuf.length = strlen(temp_gbuf.value);
> >
> > And following code in fe-connect.c fillPGconn() fill NULL value.
> >
> >    571         tmp = conninfo_getval(connOptions, "krbsrvname");
> >    572         conn->krbsrvname = tmp ? strdup(tmp) : NULL;
> >
> > I think that pg_GSS_startup should sanity the input.
> 
> How did you get NULL in there? :-)
> There's a default set for that one that's PG_KRB_SRVNAM, so it really
> should never come out as NULL, I think...

Yeah, you are right. conn->krbsrvname is "postgres" and conn->pghost is
null

> As for pghost, that certainly seems to be a bug. We check that one in
> krb5 and SSPI, but for some reason we seem to be missing it in GSSAPI.

Yes. The check should be in GSSAPI too.

However what I see in pg_hba.conf is following line:

local   all         all                               gss

Gss is used on local unix socket which probably cause a problem that
conn->pghost is not filled when psql tries to connect.

	thanks Zdenek



	Zdenek



In response to

Responses

pgsql-hackers by date

Next:From: Takahiro ItagakiDate: 2010-03-01 08:47:40
Subject: Re: C libpq frontend library fetchsize
Previous:From: Gokulakannan SomasundaramDate: 2010-03-01 06:41:09
Subject: Re: A thought on Index Organized Tables

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group