| From: | Daniel Gustafsson <daniel(at)yesql(dot)se> |
|---|---|
| To: | Sergey Shinderuk <s(dot)shinderuk(at)postgrespro(dot)ru> |
| Cc: | Michael Paquier <michael(at)paquier(dot)xyz>, Jacob Champion <jchampion(at)timescale(dot)com>, PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Fix error handling in be_tls_open_server() |
| Date: | 2023-09-20 08:42:23 |
| Message-ID: | 56409B53-586A-4B6C-B50D-CE6E3D788DDC@yesql.se |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
> On 19 Sep 2023, at 10:06, Sergey Shinderuk <s(dot)shinderuk(at)postgrespro(dot)ru> wrote:
>
> On 19.09.2023 03:54, Michael Paquier wrote:
>> One doubt that I have is if we shouldn't let X509_NAME_print_ex() be
>> as it is now, and not force a failure on the bio if this calls fails.
>
> If malloc fails inside X509_NAME_print_ex, then we will be left with empty port->peer_dn.
Looking at the OpenSSL code, there a other (albeit esoteric) errors that return
-1 as well. I agree that we should handle this error.
X509_NAME_print_ex is not documented to return -1 in OpenSSL 1.0.2 but reading
the code it's clear that it does, so checking for -1 is safe for all supported
OpenSSL versions (supported by us that is).
Attached is a v2 on top of HEAD with commit message etc, which I propose to
backpatch to v15 where it was introduced.
--
Daniel Gustafsson
| Attachment | Content-Type | Size |
|---|---|---|
| v2-0001-Avoid-potential-pfree-on-NULL-on-OpenSSL-errors.patch | application/octet-stream | 2.1 KB |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Pavel Stehule | 2023-09-20 08:46:00 | Re: CREATE FUNCTION ... SEARCH { DEFAULT | SYSTEM | SESSION } |
| Previous Message | Dilip Kumar | 2023-09-20 08:35:18 | Re: [PoC] pg_upgrade: allow to upgrade publisher node |