From: | Andrew Dunstan <andrew(at)dunslane(dot)net> |
---|---|
To: | pgsql-patches(at)postgresql(dot)org |
Subject: | Re: reading uninitialized buffer |
Date: | 2004-02-01 14:20:28 |
Message-ID: | 401D0B2C.5010208@dunslane.net |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-patches |
... and here it is. As for the test being outside the "if" statement, it
is true that that might waste a few cycles, but it hardly matters.
Personally, I would prefer to replace the if statement with this:
if (c == EOF || c == '\n')
{
*buf = '\0';
return;
}
and then it wouldn't be an issue at all, but I know some people don't
like early function returns - is there a general postgres style rule
about it?
cheers
andrew
I wrote:
>
> This time it is my fault, rather than freebsd's ;-)
>
> I think I can do something slightly cleaner than this, though, by
> hoisting the buf termination above the test. We could also replace the
> strncmp calls with strcmp calls if the buffer has its nul. I will post
> something soon.
>
> cheers
>
> andrew
>
>
> Dennis Bjorklund wrote:
>
>> I've been testing pg using valgrind and have found a read of an
>> uninitialized buffer. In the hba-tokenizer when we have not read any
>> characters (or too few) we still perform a couple of:
>>
>> strncmp(start_buf,"sameuser",8)
>>
>> Since this is done on random data it might return true although we have
>> not read anything. The result is that we can (even if the probability is
>> low) return the wrong thing.
>>
>> The solution is simply to terminate the buffer with '\0' before the
>> strncmp().
>>
>> I also moved our test inside the previous if, outside of that block our
>> test can never be true anyway. I don't know why it was outside in the
>> first place.
>>
>>
>>
>
Attachment | Content-Type | Size |
---|---|---|
hba.patch | text/plain | 983 bytes |
From | Date | Subject | |
---|---|---|---|
Next Message | Dennis Bjorklund | 2004-02-01 15:12:17 | Re: reading uninitialized buffer |
Previous Message | Andrew Dunstan | 2004-02-01 13:35:15 | Re: reading uninitialized buffer |