Home > mailing lists

Re: Open 7.3 items - Mailing list pgsql-hackers

From	Tom Lane
Subject	Re: Open 7.3 items
Date	August 18, 2002 01:36:14
Msg-id	13921.1029638171@sss.pgh.pa.us Whole thread Raw
In response to	Re: Open 7.3 items (Bruce Momjian <pgman@candle.pha.pa.us>)
Responses	Re: Open 7.3 items (Bruce Momjian <pgman@candle.pha.pa.us>)
List	pgsql-hackers

Tree view

Bruce Momjian <pgman@candle.pha.pa.us> writes:
> OK, here is the patch with the suggested changes.  I am sending the
> patch to hackers because there has been so much interest in this.

One minor gripe:

> +         /* If user@, it is a global user, remove '@' */
> +         if (strchr(port->user, '@') == port->user + strlen(port->user)-1)

This code is correct, but it tempts someone to replace the strchr()
with a single-character check on the last character of the string.
Which would introduce the security hole we discussed before.  The
code is okay, but *please* improve the comment to point out that you
are also excluding the case where there are @'s to the left of the
last character.
        regards, tom lane

pgsql-hackers by date:

From: Bruce Momjian
Date: 18 August 2002, 01:34:46
Subject: Re: compile warnings in CVS

From: Rod Taylor
Date: 18 August 2002, 01:40:43
Subject: Re: cvs-tip broken

Re: Open 7.3 items - Mailing list pgsql-hackers

Previous

Next