Skip site navigation (1) Skip section navigation (2)

Re: More thoughts about FE/BE protocol

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Steve Crawford <scrawford(at)pinpointresearch(dot)com>
Cc: pgsql-hackers(at)postgreSQL(dot)org, pgsql-interfaces(at)postgreSQL(dot)org
Subject: Re: More thoughts about FE/BE protocol
Date: 2003-04-10 16:38:46
Message-ID: 4809.1049992726@sss.pgh.pa.us (view raw or flat)
Thread:
Lists: pgsql-hackerspgsql-interfaces
Steve Crawford <scrawford(at)pinpointresearch(dot)com> writes:
> What would be the recovery/re-sync mechanism for those cases where the 
> message is, either accidentally or maliciously, longer or shorter than the 
> described length?

Once you're out of sync, there's not much to do except abandon the
connection.  The detection mechanism for this would have two parts:
(a) noticing an invalid message type code; (b) some kind of sanity
check on the message length field.  Also, if we insist that the internal
layout of each message still permits detection of the end (eg, we still
use null-terminated strings and so on), we could test for bytes being
left over in the byte count.

> Without proper timeout/recovery mechanisms a too-short message could cause 
> the receiver to effectively hang.

I see no need to try to solve the Byzantine-generals problem here.
A malicious attacker who's been able to connect to your database can
do lots worse damage than just make the backend hang up.

In the years I've been working with Postgres, I've never seen an
out-of-sync problem that didn't arise directly from the lack-of-error-
recovery deficiencies that this proposal addresses.  I don't see any
point in complicating the protocol still further to handle failures that
don't arise in practice.

			regards, tom lane


In response to

pgsql-hackers by date

Next:From: Hannu KrosingDate: 2003-04-10 16:50:35
Subject: Re: More thoughts about FE/BE protocol
Previous:From: Barry LindDate: 2003-04-10 16:32:40
Subject: Re: Charset encoding and accents

pgsql-interfaces by date

Next:From: Hannu KrosingDate: 2003-04-10 16:50:35
Subject: Re: More thoughts about FE/BE protocol
Previous:From: Daniel Bruce LynesDate: 2003-04-10 16:34:49
Subject: Re: Inquiry From Form [pgsql]

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group