Re: [BUGS] BUG #1270: stack overflow in thread in fe_getauthname

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us>
Cc: Peter Davie <Peter(dot)Davie(at)relevance(dot)com(dot)au>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: [BUGS] BUG #1270: stack overflow in thread in fe_getauthname
Date: 2004-10-09 05:06:58
Message-ID: 24145.1097298418@sss.pgh.pa.us
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> writes:
> What do people think about using (sizeof(struct passwd) + BUFLEN/2) rather
> than BUFLEN for the getpwuid_r size, or (sizeof(struct passwd) + MAXPGPATH*2)?
> That would reduce the stack requirements and still be safe, I think.

Why bother?

Peter did not say what his closed-source app could tolerate. Without
that knowledge you're just flying blind about fixing his problem.
I see no reason to risk creating buffer-overflow issues for other people
in order to make a maybe-or-maybe-not improvement for one rather broken
closed-source app...

regards, tom lane

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Oliver Elphick 2004-10-09 06:18:56 Re: Inability to cast regclass is too restrictive
Previous Message Tom Lane 2004-10-09 04:45:13 Re: more dirmod CYGWIN (was: APR 1.0 released)