Skip site navigation (1) Skip section navigation (2)

Bug Report with Postgres 7.4 on AIX 5.3

From: Vincent Vanwynsberghe <vvanwynsberghe(at)ccncsi(dot)net>
To: pgsql-ports(at)postgresql(dot)org, pgsql-bugs(at)postgresql(dot)org
Subject: Bug Report with Postgres 7.4 on AIX 5.3
Date: 2005-05-10 08:07:51
Message-ID: IKEPJJEJDCJPKMLEECEDGEIHCCAA.vvanwynsberghe@ccncsi.net (view raw or flat)
Thread:
Lists: pgsql-bugspgsql-ports
Dear Support,

We try to install Postgres 7.4 on AIX 5.3 (IBM,9111-520).
The compilation is good and we are able to start the postmaster.
When we try to start the psql we got the following error :
FATAL:  unsupported frontend protocol 0.0: server supports 1.0 to 3.0

We run the psql under the AIX debugger dbx and our conclusions are the
following :

In the file fe-connect.c we try to copy a area of 1025 in the
conn->raddr.addr area but the size of that area is only 144.
The result is a corruption of the pg_conn structure

 +1175                                          /* Remember current address
for possible error msg */
 +1176                                          memcpy(&conn->raddr.addr,
addr_cur->ai_addr,
 +1177
addr_cur->ai_addrlen);


The addr_cur->ai_addrlen is set with the sizeof(struct sockaddr_un) in the
file ip.c.

In the file libpq-int.h the structure pg_conn contains 2 fields SockAddr
 * PGconn stores all the state data associated with a single connection
 * to a backend.
 */
struct pg_conn
{
...
 SockAddr        laddr;                  /* Local address */
 SockAddr        raddr;
...
}

The structure SockAddr is defined in the file pqcomm.h

typedef struct
{
        struct sockaddr_storage addr;
        ACCEPT_TYPE_ARG3 salen;
} SockAddr;


On Our AIX 5.3 the sockaddr_un is defined in the file /usr/include/sys/un.h

#if defined(COMPAT_43) && !defined(_KERNEL)
struct  sockaddr_un {
        ushort_t        sun_family;     /* AF_UNIX */
        char        sun_path[PATH_MAX]; /* changed from 104 to PATH_MAX to
support long user names */
};
#else
struct  sockaddr_un {
        uchar_t     sun_len;            /* sockaddr len including null */
        sa_family_t sun_family;         /* AF_UNIX */
        char        sun_path[PATH_MAX]; /* changed from 104 to PATH_MAX to
support long user names */
};
#endif /* COMPAT_43 && !_KERNEL */

PATH_MAX is defined in the file /usr/include/sys/limits.h

#if _POSIX_C_SOURCE >= 200112L && !(defined _ALL_SOURCE) ||
defined(_PATHMAX_HAS_NULL)
#define PATH_MAX        1024            /* max number of bytes in a
pathname.
                                           includes a terminating null */
#else
#define PATH_MAX        1023
#endif

In our platform the sizeof of struct  sockaddr_un is 1025 and the sizeof of
SockAddr is 144.
In conclusion the instructions done in the function PQconnectPoll cause a
memory overflow !!!

+1175                                          /* Remember current address
for possible error msg */
+1176                                          memcpy(&conn->raddr.addr,
addr_cur->ai_addr,
+1177
addr_cur->ai_addrlen);

Are you aware about this problem ?
Could you give us a way to solve the problem ?

Kind Regards,
Vincent Vanwynsberghe


Responses

pgsql-ports by date

Next:From: Mohan, RossDate: 2005-05-10 15:18:18
Subject: AIX5.2 compile for PG 8.0.2. -- solution
Previous:From: Mohan, RossDate: 2005-05-07 23:19:26
Subject: Re: AIX5.2 compile for PG 8.0.2. -- novice installer

pgsql-bugs by date

Next:From: jofferDate: 2005-05-10 10:43:29
Subject: unsuscribe
Previous:From: Tom LaneDate: 2005-05-09 21:01:34
Subject: Re: BUG #1655: trapping errors doesn't work

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group