Thread: Bug Report with Postgres 7.4 on AIX 5.3
Dear Support,

We try to install Postgres 7.4 on AIX 5.3 (IBM,9111-520).
The compilation is good and we are able to start the postmaster.
When we try to start the psql we got the following error:

    FATAL: unsupported frontend protocol 0.0: server supports 1.0 to 3.0

We run the psql under the AIX debugger dbx and our conclusions are the following:

In the file fe-connect.c we try to copy an area of 1025 in the conn->raddr.addr area but the size of that area is only 144. The result is a corruption of the pg_conn structure.

    /* Remember current address for possible error msg */
    memcpy(&conn->raddr.addr, addr_cur->ai_addr,
           addr_cur->ai_addrlen);

The addr_cur->ai_addrlen is set with the sizeof(struct sockaddr_un) in the file ip.c.

In the file libpq-int.h the structure pg_conn contains 2 fields SockAddr

    /*
     * PGconn stores all the state data associated with a single connection
     * to a backend.
     */
    struct pg_conn
    {
        ...
        SockAddr laddr; /* Local address */
        SockAddr raddr;
        ...
    }

The structure SockAddr is defined in the file pqcomm.h

    typedef struct
    {
        struct sockaddr_storage addr;
        ACCEPT_TYPE_ARG3 salen;
    } SockAddr;

On our AIX 5.3 the sockaddr_un is defined in the file /usr/include/sys/un.h

    #if defined(COMPAT_43) && !defined(_KERNEL)
    struct sockaddr_un {
        ushort_t sun_family;      /* AF_UNIX */
        char sun_path[PATH_MAX];  /* changed from 104 to PATH_MAX to support long user names */
    };
    #else
    struct sockaddr_un {
        uchar_t sun_len;          /* sockaddr len including null */
        sa_family_t sun_family;   /* AF_UNIX */
        char sun_path[PATH_MAX];  /* changed from 104 to PATH_MAX to support long user names */
    };
    #endif /* COMPAT_43 && !_KERNEL */

PATH_MAX is defined in the file /usr/include/sys/limits.h

    #if _POSIX_C_SOURCE >= 200112L && !(defined _ALL_SOURCE) || defined(_PATHMAX_HAS_NULL)
    #define PATH_MAX 1024 /* max number of bytes in a pathname. includes a terminating null */
    #else
    #define PATH_MAX 1023
    #endif

In our platform the sizeof of struct sockaddr_un is 1025 and the sizeof of SockAddr is 144.
In conclusion the instructions done in the function PQconnectPoll cause a memory overflow !!!

    /* Remember current address for possible error msg */
    memcpy(&conn->raddr.addr, addr_cur->ai_addr,
           addr_cur->ai_addrlen);

Are you aware about this problem ?
Could you give us a way to solve the problem ?

Kind Regards,
Vincent Vanwynsberghe

Vincent Vanwynsberghe <vvanwynsberghe@ccncsi.net> writes:
> In our platform the sizeof of struct sockaddr_un is 1025 and the sizeof of
> SockAddr is 144.

Doesn't AIX provide struct sockaddr_storage? That struct has to be at least as large as any of the other platform-specific sockaddr structs.

regards, tom lane

The AIX 5.3 provides the structure sockaddr_storage:

    struct sockaddr_storage {
        ushort_t __ss_family;           /* address family */
        char __ss_pad1[_SS_PAD1SIZE];   /* pad up to alignment field */
    #if defined(__64BIT__) || (defined(_ALL_SOURCE) && defined(_LONG_LONG))
        int64_t __ss_align;             /* field to force desired structure */
                                        /* storage alignment */
    #else
        int __ss_align[2];
    #endif
        char __ss_pad2[_SS_PAD2SIZE];   /* pad to achieve desired size */
    };

In Postgres the structure SockAddr is the following:

    typedef struct
    {
        struct sockaddr_storage addr;
        ACCEPT_TYPE_ARG3 salen;
    } SockAddr;

In Postgres this structure sockaddr_storage is filled with the structure sockaddr_un but the size of sockaddr_storage is less than the size of sockaddr_un and causes a memory overflow !

Do you have any idea how to find a workaround ?

Vincent Vanwynsberghe

> -----Original Message-----
> From: Tom Lane [mailto:tgl@sss.pgh.pa.us]
> Sent: mardi 10 mai 2005 18:46
> To: vvanwynsberghe@ccncsi.net
> Cc: pgsql-ports@postgresql.org; pgsql-bugs@postgresql.org
> Subject: Re: [BUGS] Bug Report with Postgres 7.4 on AIX 5.3
>
> Vincent Vanwynsberghe <vvanwynsberghe@ccncsi.net> writes:
> > In our platform the sizeof of struct sockaddr_un is 1025 and the sizeof of
> > SockAddr is 144.
>
> Doesn't AIX provide struct sockaddr_storage? That struct has to be at
> least as large as any of the other platform-specific sockaddr structs.
>
> regards, tom lane

Vincent Vanwynsberghe <vvanwynsberghe@ccncsi.net> writes:
> The AIX 5.3 provide the structure sockaddr_storage :
> ...
> In Postgress this structure sockaddr_storage is filled with the structure
> sockaddr_un but the size of sockaddr_storage
> is less then the size of sockaddr_un and cause a memory overflow !
> Do you have any idea how to find a workaround ?

Report this bug to IBM: the AIX headers are defining the structs wrong. You can quote RFC 3493 - Basic Socket Interface Extensions for IPv6 section 3.10:

    One simple addition to the sockets API that can help application
    writers is the "struct sockaddr_storage". This data structure can
    simplify writing code that is portable across multiple address
    families and platforms. This data structure is designed with the
    following goals.

    - Large enough to accommodate all supported protocol-specific address
      structures.

regards, tom lane

On 2005-05-11, Vincent Vanwynsberghe <vvanwynsberghe@ccncsi.net> wrote:
> The AIX 5.3 provide the structure sockaddr_storage :
>
> struct sockaddr_storage {
>     ushort_t __ss_family;           /* address family */
>     char __ss_pad1[_SS_PAD1SIZE];   /* pad up to alignment field */
> #if defined(__64BIT__) || (defined(_ALL_SOURCE) && defined(_LONG_LONG))
>     int64_t __ss_align;             /* field to force desired structure */
>                                     /* storage alignment */
> #else
>     int __ss_align[2];
> #endif
>     char __ss_pad2[_SS_PAD2SIZE];   /* pad to achieve desired size */
> };

If the size of sockaddr_storage is less than the size of sockaddr_un (or any sockaddr_* structure) then this is a bug in AIX, because the Unix standards clearly specify that sockaddr_storage must be both sized and aligned such that a sockaddr_* struct for any supported protocol can be stored there. See the entry for <sys/socket.h> in the Headers chapter of the Base Definitions volume of the SUSv3.

--
Andrew, Supernews
http://www.supernews.com - individual and corporate NNTP services
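
Added example, not part of the original thread and not PostgreSQL code: the size guarantee the replies cite, checked at build time, plus a length check in front of the copy so an address larger than sockaddr_storage is refused instead of overwriting what follows it. DemoSockAddr, demo_big_sockaddr_un, demo_save_addr and demo_oversized_rejected are hypothetical names, and the 1025-byte struct is constructed to match the size reported above.

```c
#include <string.h>
#include <sys/socket.h>
#include <sys/un.h>

/* Build-time form of the RFC 3493 guarantee quoted in the thread: with
 * headers like the ones reported above, compilation stops here. */
_Static_assert(sizeof(struct sockaddr_storage) >= sizeof(struct sockaddr_un),
               "sockaddr_storage cannot hold sockaddr_un");

/* Hypothetical stand-in for the SockAddr typedef quoted in the thread. */
typedef struct {
    struct sockaddr_storage addr;
    socklen_t salen;
} DemoSockAddr;

/* Constructed layout with the 1025-byte size the reporter measured. */
struct demo_big_sockaddr_un {
    unsigned char len, family;
    char path[1023];
};

/* Bounded replacement for the unchecked memcpy: 0 on success, -1 if the
 * source address does not fit (dst is left untouched in that case). */
int demo_save_addr(DemoSockAddr *dst, const void *src, size_t len)
{
    if (dst == NULL || src == NULL || len > sizeof(dst->addr))
        return -1;
    memset(&dst->addr, 0, sizeof(dst->addr));
    memcpy(&dst->addr, src, len);
    dst->salen = (socklen_t) len;
    return 0;
}

/* Returns 1 if the 1025-byte address is refused and neither the destination
 * nor the bytes after it (standing in for the rest of pg_conn) changed. */
int demo_oversized_rejected(void)
{
    struct { DemoSockAddr raddr; unsigned char rest[8]; } conn, before;
    struct demo_big_sockaddr_un big;

    memset(&conn, 0x5a, sizeof(conn));
    memset(&big, 'A', sizeof(big));
    memcpy(&before, &conn, sizeof(conn));
    return demo_save_addr(&conn.raddr, &big, sizeof(big)) == -1
        && memcmp(&before, &conn, sizeof(conn)) == 0;
}

int main(void) { return demo_oversized_rejected() ? 0 : 1; }
```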