| From: | Heikki Linnakangas <hlinnaka(at)iki(dot)fi> |
|---|---|
| To: | Peter Eisentraut <peter(at)eisentraut(dot)org>, solai v <solai(dot)cdac(at)gmail(dot)com>, Jacob Champion <jacob(dot)champion(at)enterprisedb(dot)com>, Daniel Gustafsson <daniel(at)yesql(dot)se> |
| Cc: | Mark Dilger <mark(dot)dilger(at)enterprisedb(dot)com>, Andres Freund <andres(at)anarazel(dot)de>, Lars Kanis <lars(at)greiz-reinsdorf(dot)de>, pgsql-hackers(at)lists(dot)postgresql(dot)org, Merlin Moncure <mmoncure(at)gmail(dot)com> |
| Subject: | Re: libpq: Process buffered SSL read bytes to support records >8kB on async API |
| Date: | 2026-07-09 15:52:12 |
| Message-ID: | 1f35da9d-be6a-49df-9c56-e24c914c85a1@iki.fi |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On 09/07/2026 15:55, Heikki Linnakangas wrote:
> On 08/07/2026 22:16, Peter Eisentraut wrote:
>> In pqDrainPending(), there is
>>
>> nread = pqsecure_read(conn, conn->inBuffer + conn->inEnd,
>> bytes_pending);
>> conn->inEnd += nread;
>>
>> But pqsecure_read() can return -1 for error. So adding that to conn-
>> >inEnd at that point seems wrong.
>>
>> There is error handling in the following code, but this would still
>> kind of corrupt the conn->inEnd value?
>>
>> /* When there are bytes pending, the read function is not
>> supposed to fail */
>> if (nread != bytes_pending)
>> {
>> libpq_append_conn_error(conn,
>> "drained only %zu of %zd pending
>> bytes in transport buffer",
>> nread, bytes_pending);
>> return -1;
>> }
>>
>> I'm not sure if that comment means that a -1 return cannot happen? Or
>> just that the whole error check should not happen?
>
> The comment in pgsecure_bytes_pending() says:
>
>> * If pqsecure_read() is called for this number of bytes, it's
>> guaranteed to
>> * return successfully without reading from the underlying socket. See
>> * pqDrainPending() for a more complete discussion of the concepts
>> involved.
>
> so as long as pqsecure_read() and pqsecure_read_pending() honor that
> contract, pqsecure_read() should not return an error. I agree that's a
> bit sloppy though, we should still check the return value.
>
> The intention was also that it cannot do a short read, but that wasn't
> quite clear from the comment either.
>
>> Also note that the format placeholder for nread is wrong. If you do
>> get a -1, it will print some large unsigned value.
>
> Good catch.
>
> Patch attached to clean up all that.
Committed that, and Daniel's #include fix for LibreSSL too.
- Heikki
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Nathan Bossart | 2026-07-09 16:10:19 | Re: remove WaitEventCustomCounterData |
| Previous Message | Greg Burd | 2026-07-09 15:41:08 | Re: Tepid: selective index updates for heap relations |