Re: BUG #1270: stack overflow in thread in fe_getauthname

Oops. Yep, that is sloppy programming on our part, perhaps my part if I
added those. Anyway, patch attached and applied. I used the proper
struct sizes instead of BUFSIZ.

This will be in 8.0. I think it is too risky for 7.4.X but if others
disagree, let me know.

---------------------------------------------------------------------------

PostgreSQL Bugs List wrote:
>
> The following bug has been logged online:
>
> Bug reference: 1270
> Logged by: Peter Davie
>
> Email address: Peter(dot)Davie(at)relevance(dot)com(dot)au
>
> PostgreSQL version: 7.4.5
>
> Operating system: OSF/1 4.0f
>
> Description: stack overflow in thread in fe_getauthname
>
> Details:
>
> With the THREAD_SAFETY changes, a buffer is defined on the stack as:
> char pwdbuf[BUFSIZ];
>
> This buffer overflows the stack when used in a thread. As the application
> creating the thread cannot be modified to increase the stack size, it would
> probably be prudent to reduce this buffer size (I believe that BUFSIZ is
> around 8192 bytes on most modern Unix implementations).
>
> To rectify this issue (seg faults attempting to connect to the database), I
> replaced the above declaration with:
> char pwdbuf[1024];
> Obviously, a manifest constant would be better!
>
>
> ---------------------------(end of broadcast)---------------------------
> TIP 4: Don't 'kill -9' the postmaster
>

--
Bruce Momjian | http://candle.pha.pa.us
pgman(at)candle(dot)pha(dot)pa(dot)us | (610) 359-1001
+ If your life is a hard drive, | 13 Roberts Road
+ Christ can be your backup. | Newtown Square, Pennsylvania 19073