| From: | Kyotaro Horiguchi <horikyota(dot)ntt(at)gmail(dot)com> |
|---|---|
| To: | bertranddrouvot(dot)pg(at)gmail(dot)com |
| Cc: | tgl(at)sss(dot)pgh(dot)pa(dot)us, nathandbossart(at)gmail(dot)com, michael(at)paquier(dot)xyz, pgsql-hackers(at)lists(dot)postgresql(dot)org |
| Subject: | Re: ProcessStartupPacket(): database_name and user_name truncation |
| Date: | 2023-07-03 01:50:45 |
| Message-ID: | 20230703.105045.1268007612485709897.horikyota.ntt@gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
At Fri, 30 Jun 2023 19:32:50 +0200, "Drouvot, Bertrand" <bertranddrouvot(dot)pg(at)gmail(dot)com> wrote in
> Hi,
>
> On 6/30/23 5:54 PM, Tom Lane wrote:
> > Nathan Bossart <nathandbossart(at)gmail(dot)com> writes:
> >> After taking another look at this, I wonder if it'd be better to fail
> >> as
> >> soon as we see the database or user name is too long instead of
> >> lugging
> >> them around when authentication is destined to fail.
For the record, if I understand Nathan correctly, it is what I
suggested in my initial post. If this is correct, +1 for the suggestion.
me> I think we might want to consider outright rejecting the
me> estblishment of a connection when the given database name doesn't
me> fit the startup packet
> > If we're agreed that we aren't going to truncate these identifiers,
> > that seems like a reasonable way to handle it.
> >
>
> Yeah agree, thanks Nathan for the idea.
> I'll work on a new patch version proposal.
regards.
--
Kyotaro Horiguchi
NTT Open Source Software Center
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Kyotaro Horiguchi | 2023-07-03 02:09:58 | Re: ProcessStartupPacket(): database_name and user_name truncation |
| Previous Message | Thomas Munro | 2023-07-03 01:49:02 | Re: check_strxfrm_bug() |