Re: BUG #19092: scram_free() will free on address which was not malloc()-ed in pg_scram_mech

Daniel Gustafsson <daniel(at)yesql(dot)se> writes:
>> On 21 Oct 2025, at 09:43, PG Bug reporting form <noreply(at)postgresql(dot)org> wrote:
>> The issue is about the only implementation of pg_fe_sasl_mech interface:
>> pg_scram_mech. In the init func of pg_scram_mech, the variable
>> state->password is assigned by variable prep_password, which is prepared in
>> function pg_saslprep(). However, pg_saslprep() will use palloc/pfree or
>> malloc/free determined by FRONTEND

> Mixing frontend and backend code like that seems to register somewhere on the
> "break it and you get to keep both pieces" scale.

We'd really need to see a concrete example to decide whether this is
a PG bug or user error. I think the SASL stuff is sufficiently poorly
tested that it could be a previously-unknown PG bug, but it's not clear.
So: test case, please.

>> This issue occurred when I was attempting to make a connection to Backend
>> via libpq interfaces in Backend itself.

> You tried to open a new database connection from a backend by embedding a libpq
> client into the backend?

postgres_fdw and dblink both do that. The operation is ticklish
enough that we've developed some common infrastructure, which
maybe you should be using: see src/include/libpq/libpq-be-fe.h
and src/include/libpq/libpq-be-fe-helpers.h.

regards, tom lane