Re: Re: [HACKERS] BUG #13854: SSPI authentication failure: wrong realm name used

Christian Ullrich wrote:
> * Christian Ullrich wrote:
>
> >* From: Magnus Hagander [mailto:magnus(at)hagander(dot)net]

> >>Code uses a mix of malloc() and palloc() (through sprintf). Is there a
> >>reason for that?
> >
> >I wasn't sure which to prefer, so I looked around in auth.c, and other than
> >RADIUS, everything seems to use malloc() (although the sample size is not
> >too great). Should I use palloc() instead?
>
> The single instance of malloc() has been replaced with palloc().

I'm wary of palloc() in this code actually ... if the allocation fails,
I'm not sure it's okay to use ereport(ERROR) which is what would happen
with palloc. With the malloc code, you report the problem with
elog(LOG) and then return STATUS_ERROR which lets the calling code
handle the failure in a different way. I didn't actually review your
new code, but I recall this from previous readings of auth code; so if
you're going to use palloc(), you better audit what happens on OOM.

For the same reason, using psprintf is probably not acceptable either.

--
Álvaro Herrera http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services