Re: [PATCH] Fix POSIX compliance in pgwin32_unsetenv()

From: Michael Paquier <michael(at)paquier(dot)xyz>
To: Bryan Green <dbryan(dot)green(at)gmail(dot)com>
Cc: pgsql-hackers(at)postgresql(dot)org
Subject: Re: [PATCH] Fix POSIX compliance in pgwin32_unsetenv()
Date: 2025-10-20 01:02:31
Message-ID: aPWKJwVjX53MJtfQ@paquier.xyz
Lists: pgsql-hackers

On Sat, Oct 18, 2025 at 01:26:40PM -0500, Bryan Green wrote:
> I noticed that pgwin32_unsetenv() in src/port/win32env.c lacks the input
> validation that its sibling function pgwin32_setenv() has (lines 126-132).
>
> Without these checks, the function will crash on NULL input via
> strlen(NULL), and will accept empty strings or strings containing '=' in
> violation of POSIX.1-2008.
>
> The attached patch adds the same validation that pgwin32_setenv already
> does, making the two functions consistent. This is purely defensive - it
> only affects callers passing invalid arguments.

I presume that you have tried to use this routine on some external
code on WIN32 to note that it was just crashing.

The current state of pgwin32_unsetenv() dates back to 0154345078fb.
The POSIX checks of setenv() are more recent than that, as in
7ca37fb0406b down to v14. I agree that the inconsistency in handling
the input arguments is annoying, so if there are no objections let's
apply the same checks down to v14 like the setenv() piece. It's
better than a hard crash.
--
Michael
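
The checks discussed in this message, as an added example that is not part of the patch or of PostgreSQL's source. It assumes the unset is emulated by building a "NAME=" entry for a putenv-style call; the function names and sample inputs are hypothetical.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical, unvalidated builder: appends '=' to name, the entry a
 * putenv-style unset emulation would pass on (assumed design, not
 * PostgreSQL code). Never call with NULL: strlen(NULL) is undefined. */
char *unset_entry_unchecked(const char *name)
{
    size_t len = strlen(name);
    char *buf = malloc(len + 2);    /* name + '=' + terminating NUL */

    if (buf == NULL)
        return NULL;
    memcpy(buf, name, len);
    memcpy(buf + len, "=", 2);
    return buf;
}

/* POSIX unsetenv() rules: NULL, "" and names containing '=' fail with
 * EINVAL. The NULL test runs before anything calls strlen(name). */
char *unset_entry_checked(const char *name)
{
    if (name == NULL || name[0] == '\0' || strchr(name, '=') != NULL)
    {
        errno = EINVAL;
        return NULL;
    }
    return unset_entry_unchecked(name);
}

int main(void)
{
    const char *samples[] = {"PGDATA", "", "PATH=/tmp", NULL};  /* constructed */

    for (size_t i = 0; i < 4; i++)
    {
        char *e = unset_entry_checked(samples[i]);
        printf("[%s] -> %s\n", samples[i] ? samples[i] : "(null)", e ? e : "EINVAL");
        free(e);
    }
    /* Unchecked, "PATH=/tmp" becomes "PATH=/tmp=": a NAME=VALUE parser
     * reads that as setting PATH to "/tmp=", not as an unset. */
    char *bad = unset_entry_unchecked("PATH=/tmp");
    printf("unchecked: %s\n", bad ? bad : "(alloc failed)");
    free(bad);
    return 0;
}
```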
