| From: | Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com> |
|---|---|
| To: | pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | some SCRAM read_any_attr() confusion |
| Date: | 2019-08-17 08:11:27 |
| Message-ID: | 2fb8a15b-de35-682d-a77b-edcc9c52fa12@2ndquadrant.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
I was a bit confused by some of the comments around the SCRAM function
read_any_attr(), used to skip over extensions.
The comment "Returns NULL if there is attribute.", besides being
strangely worded, appears to be wrong anyway, because the function never
returns NULL.
This lead me to wonder how this loop would terminate if there is no "p"
attribute in the message:
/* ignore optional extensions */
do
{
proof = p - 1;
value = read_any_attr(&p, &attr);
} while (attr != 'p');
What actually happens is
ERROR: malformed SCRAM message
DETAIL: Attribute expected, but found invalid character "0x00".
which serves the purpose but was probably not quite intended that way.
I propose the attached patch to clean this up a bit, with better
comments and a better error message.
--
Peter Eisentraut http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services
| Attachment | Content-Type | Size |
|---|---|---|
| 0001-Clean-up-some-SCRAM-attribute-processing.patch | text/plain | 1.7 KB |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Michael Paquier | 2019-08-17 12:57:50 | Re: some SCRAM read_any_attr() confusion |
| Previous Message | Binguo Bao | 2019-08-17 07:32:32 | Re: [proposal] de-TOAST'ing using a iterator |