| From: | Heikki Linnakangas <hlinnaka(at)iki(dot)fi> |
|---|---|
| To: | Peter Eisentraut <peter(at)eisentraut(dot)org>, solai v <solai(dot)cdac(at)gmail(dot)com>, Jacob Champion <jacob(dot)champion(at)enterprisedb(dot)com> |
| Cc: | Mark Dilger <mark(dot)dilger(at)enterprisedb(dot)com>, Andres Freund <andres(at)anarazel(dot)de>, Lars Kanis <lars(at)greiz-reinsdorf(dot)de>, pgsql-hackers(at)lists(dot)postgresql(dot)org, Merlin Moncure <mmoncure(at)gmail(dot)com> |
| Subject: | Re: libpq: Process buffered SSL read bytes to support records >8kB on async API |
| Date: | 2026-07-09 12:55:59 |
| Message-ID: | 4cdfc0dc-9f66-4113-ad00-6e7a2cfa7211@iki.fi |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On 08/07/2026 22:16, Peter Eisentraut wrote:
> In pqDrainPending(), there is
>
> nread = pqsecure_read(conn, conn->inBuffer + conn->inEnd,
> bytes_pending);
> conn->inEnd += nread;
>
> But pqsecure_read() can return -1 for error. So adding that to conn-
> >inEnd at that point seems wrong.
>
> There is error handling in the following code, but this would still kind
> of corrupt the conn->inEnd value?
>
> /* When there are bytes pending, the read function is not supposed
> to fail */
> if (nread != bytes_pending)
> {
> libpq_append_conn_error(conn,
> "drained only %zu of %zd pending bytes
> in transport buffer",
> nread, bytes_pending);
> return -1;
> }
>
> I'm not sure if that comment means that a -1 return cannot happen? Or
> just that the whole error check should not happen?
The comment in pgsecure_bytes_pending() says:
> * If pqsecure_read() is called for this number of bytes, it's guaranteed to
> * return successfully without reading from the underlying socket. See
> * pqDrainPending() for a more complete discussion of the concepts involved.
so as long as pqsecure_read() and pqsecure_read_pending() honor that
contract, pqsecure_read() should not return an error. I agree that's a
bit sloppy though, we should still check the return value.
The intention was also that it cannot do a short read, but that wasn't
quite clear from the comment either.
> Also note that the format placeholder for nread is wrong. If you do get
> a -1, it will print some large unsigned value.
Good catch.
Patch attached to clean up all that.
- Heikki
| Attachment | Content-Type | Size |
|---|---|---|
| 0001-libpq-Make-error-checks-in-the-new-buffer-draining-c.patch | text/x-patch | 2.6 KB |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Zsolt Parragi | 2026-07-09 13:31:34 | Re: Proposal: new file format for hba/ident/hosts configuration? |
| Previous Message | Chao Li | 2026-07-09 12:32:53 | Re: Fix duplicate detection for null-treatment window functions |