Re: Crash on backend exit w/ OpenLDAP [2.4.24, 2.4.31] - Mailing list pgsql-hackers

From Noah Misch
Subject Re: Crash on backend exit w/ OpenLDAP [2.4.24, 2.4.31]
Date
Msg-id 20140619165253.GA1065108@tornado.leadboat.com
Whole thread Raw
In response to Crash on backend exit w/ OpenLDAP [2.4.24, 2.4.31]  (Noah Misch <noah@leadboat.com>)
Responses Re: Crash on backend exit w/ OpenLDAP [2.4.24, 2.4.31]
List pgsql-hackers
On Thu, Jun 12, 2014 at 05:02:19PM -0400, Noah Misch wrote:
> You can cause the at-exit crash by building PostgreSQL against OpenLDAP
> 2.4.31, connecting with LDAP authentication, and issuing "LOAD 'dblink'".

> 4. Detect older OpenLDAP versions at runtime, just before we would otherwise
> initialize OpenLDAP, and raise an error.  Possibly make the same check at
> compile time, for packager convenience.

Having pondered this some more, I lean toward the following conservative fix.
Add to all supported branches a test case that triggers the crash and a
configure-time warning if the OpenLDAP version falls in the vulnerable range.
So long as those who build from source monitor either "configure" output or
test suite failures, they'll have the opportunity to head off the problem.

-- 
Noah Misch
EnterpriseDB                                 http://www.enterprisedb.com



pgsql-hackers by date:

Previous
From: Abhijit Menon-Sen
Date:
Subject: Re: idle_in_transaction_timeout
Next
From: Tom Lane
Date:
Subject: Re: Crash on backend exit w/ OpenLDAP [2.4.24, 2.4.31]