| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Joe Conway <mail(at)joeconway(dot)com> |
| Cc: | Marko Kreen <markokr(at)gmail(dot)com>, Postgres Hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: [patch] fix dblink security hole |
| Date: | 2008-09-22 02:00:01 |
| Message-ID: | 21818.1222048801@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Joe Conway <mail(at)joeconway(dot)com> writes:
> Tom Lane wrote:
>> Uh, you're confusing the backend environment with libpq's much more
>> spartan lifestyle. errmsg will be malloc'd and it will *not* go away
>> unless the caller free()s it.
> Yup, just figured that out. Otherwise OK with it?
Yeah. We could make one further refinement: callers that don't care
about acquiring an error string can pass NULL for the errmsg parameter.
That tells PQconninfoParse to throw away the errmsg string anyway.
With that, the minimal case isn't much uglier than your original:
just need a NULL arg tacked onto the call.
BTW, the usual method for doing this is just to give the caller back the
errorBuf.data, not incur an additional strdup that could fail.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Stephen Frost | 2008-09-22 02:07:27 | Re: Proposal: move column defaults into pg_attribute along with attacl |
| Previous Message | Joe Conway | 2008-09-22 01:55:33 | Re: [patch] fix dblink security hole |